Regulatory Advisory

Helping clients achieve regulatory compliance using their definition of “reasonable” and “appropriate.”

Example Engagement
Engaging Outside Counsel for a Regulatory Matter

An application service provider engaged HALOCK to help them establish a risk-based approach to address multiple security and privacy regulations.

HALOCK’s Duty of Care Risk Analysis (“DoCRA”) method defines each client’s reasonable and appropriate level of risk in a way that aligns with due care. This helps evaluate security in terms that are friendly to business and compliance, but it should involve specialized counsel.


HALOCK convinced the client to further engage outside counsel to help define risk assessment and risk acceptance criteria, to participate in risk reduction planning, and to review draft materials. The client’s executive officers and Board of Directors gained confidence that the resulting risk analysis and risk reduction plan were openly and frankly evaluated, and that resulting analysis and plans were defensible to regulators and, if necessary, litigators.


Assess your duty of care with the DoCRA Checklist.

Blue DoCRA Reasonable Security Checklist

Partner with HALOCK for reasonable safeguards.

Contact Us