Risk program assessments, analyses, and audits orient an organization. Whether it is a rapid assessment or an ISO 22301 audit, Lootok can provide organizations with an actionable assessment from which to build a world-class program.

We extract program information through sampling, group activities, and data modeling, versus relying exclusively on interviews. This unique approach is more cost-effective and minimizes the burden on internal resources. We apply judgment and context to the standards, based on your industry, culture, business strategies, and executive expectations, while checking all the boxes you need for a formal audit. 

The outcomes from our assessments are:

  • To baseline your program against BCM standards to help you make decisions on ‘what to do next?’
  • To identify potential problems and challenges in your program
  • To allow you to make critical and defensible investment decisions

See how your program stacks up

“Lootok was able to come in and realize that we didn't want, nor were we interested in, a formal, rigid program. We were able to create a very flexible program that focused on concepts and value-versus just a set of instructions.”

Cristina Costantini Vice President Enterprise Risk, The Children's Place


photo of Justin Wang

Justin Wang


Justin is an experienced risk consultant specializing in information technology. Prior to joining Lootok, Justin spent three years within EY's Risk Advisory practice where he performed assessments related to IT controls, security of sensitive data, data privacy, and project management. At Lootok, Justin assists clients in identifying risks and developing business continuity plans to respond to incidents and unforeseen disruptions.

Learn more about Justin Wang