About Impact Risk Advisors

Advisors Who Think Like Attackers. Operate Like Your Team.

We were founded on the conviction that real cybersecurity compliance reduces genuine business risk rather than merely satisfying auditors. We bring practitioner-first expertise to every engagement, every time.

Meet the Founder

Louis van der Westhuizen

Founder & Principal

Impact Risk Advisors

Louis van der Westhuizen founded Impact Risk Advisors with a single, clear mission: to give organizations the same quality of cybersecurity leadership and compliance expertise that Fortune 500 companies take for granted - delivered with the agility, accountability, and personal commitment that only an independent firm can provide.

With credentials as a Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), and Certified Internal Auditor (CIA), Louis brings a rare combination of offensive security insight, audit rigor, and business acumen to every client engagement. His background spans Big 5 advisory, enterprise CISO roles, and hands-on penetration testing - meaning he's sat on every side of the table your security program faces.

Louis leads every engagement personally. When you work with Impact Risk Advisors, you're not handed off to a junior analyst - you get direct access to decades of practitioner-level expertise, translated into clear, actionable guidance your business can actually execute.

CISA CISSP CIA SOC 2 ISO 27001 HIPAA

Our Commitment

The IMPACT Manifesto

At Impact Risk Advisors, we stand at the forefront of excellence in IT audit consulting. We believe in forging partnerships built on integrity, innovation, and a relentless commitment to mitigating risk.

Our manifesto isn't a wall decoration - it guides how we show up for every client, every engagement, every deliverable. When you engage Impact Risk Advisors, you're working with advisors accountable to the same standard they hold you to.

We've seen too many organizations invest heavily in annual compliance exercises only to remain fundamentally vulnerable. We built something different: continuous, measurable improvement in your security posture - not just a clean audit report once a year.

Our team brings together former CISOs, Big 4 audit practitioners, certified ethical hackers, and compliance specialists - united by a practitioner-first philosophy. We've managed breaches at 2 a.m. and built security programs from scratch inside Fortune 500 organizations and 10-person startups alike.

"We believe genuine security compliance isn't about checking boxes - it's about building organizations that are harder to breach, easier to audit, and more trusted by the customers and regulators they serve."

- Louis van der Westhuizen, Founder & Principal

I

Integrity is our cornerstone.

We uphold the highest ethical standards, fostering trust and transparency in all our interactions.

M

Mastery drives our pursuit of excellence.

We continually refine our expertise in Internal Audit, Monitor, Prevent, Assess, Compliance, and Technology to deliver unparalleled value.

P

Proactivity is our ethos.

We anticipate challenges, identify vulnerabilities, and empower organizations to address risks before they escalate.

A

Accountability is our promise.

We take ownership of our recommendations and actions, ensuring every solution is tailored to your unique needs.

C

Collaboration fuels our success.

We partner with clients as trusted advisors, working hand in hand to navigate complex regulatory landscapes.

T

Technology is our ally.

We harness the latest advancements in technology to enhance audit effectiveness and future-proof organizations.

Why We're Different

What Sets Impact Risk Advisors Apart

Not every cybersecurity firm is built the same way. Here's what you get when you work with us.

Practitioner-Led, Not Process-Driven

Every engagement is led by Louis personally - a CISA, CISSP, and CIA with real-world CISO experience. You get practitioner insight, not a templated methodology applied by junior analysts.

Continuous Engagement, Not Point-in-Time

We maintain your compliance program year-round rather than scrambling before an audit. Continuous monitoring, policy maintenance, and evidence management mean you're always ready.

Business-First Risk Communication

We speak the language of your board, your enterprise customers, and your auditors - translating technical risk into business impact that drives real investment decisions.

Multi-Framework Efficiency

We map your controls once and satisfy multiple frameworks simultaneously. No redundant documentation, no duplicated effort - your full regulatory footprint covered efficiently.

Transparent Pricing, No Surprises

Scope is defined clearly upfront. You'll never receive an invoice that shocks you. We believe in straightforward engagements with clear deliverables and honest timelines.

Deep Framework Expertise

Six major frameworks with dedicated, in-house expertise: SOC 1 & 2, ISO 27001, HIPAA, NIST 800-53, and GLBA. Not generalists with a checklist - specialists who live in these frameworks daily.

18+ Years of experience
150+ Compliance audits supported
6 Major frameworks supported
Proven long-term client relationships and repeat engagements

Ready to Work With a Team That's Accountable to Your Outcomes?

Schedule a free consultation with Louis directly. No sales team, no handoffs - just honest expert guidance on your cybersecurity and compliance challenges.