Skip to main content

Who We Are

About
Sage GRC

Sage GRC is the consulting and advisory arm of Sage Audits LLP. We help companies get audit-ready, strengthen their controls, and build compliance programs that actually hold up. Headquartered in Westminster, Colorado. Working with clients nationwide.

Our Background

Backed by
Sage Audits LLP.

Sage GRC operates under Sage Audits LLP, a licensed CPA firm founded in Colorado with a focus on IT audit and assurance. Our team brings experience from Big Four firms and industry-side roles, covering everything from large public company SOX programs to first-time SOC 2 audits for early-stage SaaS companies.

We started Sage Audits to bring high-quality audit and advisory work to organizations that typically could not access that level of expertise without paying large firm rates. Sage GRC is the consulting side of that mission: helping companies prepare, strengthen, and build so that when the audit comes, it goes smoothly.

Our consulting and advisory services operate independently from our attest work to maintain professional independence. We cannot perform attest and consulting services for the same client simultaneously, but we can help you prepare and then refer you to independent assurance resources, including our SOC 2 services at wesoc2.com.

Visit Sage Audits LLP Book a Consultation

Firm Details

  • Sage Audits LLP, a licensed independent CPA firm
  • 1499 West 120th Ave, Suite 110, Westminster, Colorado 80234
  • Colorado CPA Firm License FRM.5000785
  • Team credentials: CPA, CISM, CISSP, CISA, CRISC, CITP
  • info@sageaudits.com
  • +1 (303) 578-8093
Jordan Novak, Managing Partner at Sage GRC and Sage Audits LLP
CPA CISM CISSP CISA CRISC CITP

Managing Partner

Jordan Novak

Sage GRC & Sage Audits LLP

Jordan leads Sage Audits LLP and Sage GRC. His background spans IT audit, information security, and compliance work at leading professional services firms, with deep experience in SOC 1 and SOC 2 reporting, SOX ITGC assessments, and GRC program development for SaaS and tech-forward organizations.

He has worked inside the Microsoft 365, Azure, AWS, and Google Cloud environments that his clients run, which means he understands what good controls actually look like in practice, not just how they appear in a policy document.

Jordan holds the CPA, CISM, CISSP, CISA, CRISC, and CITP designations and brings Big Four training to every engagement. His approach is practical: identify what matters, fix what is broken, and make sure your team understands why it matters before the auditors arrive.

Book a Consultation with Jordan

Managing Director

Managing Director

Our Managing Director brings deep expertise in IT audit and cybersecurity from large-scale engagements across financial services, healthcare, and technology sectors.

Focused on application controls, vendor risk, and IT governance program development. Experienced across complex enterprise environments including multi-cloud, hybrid infrastructure, and regulated industries.

CISA
View Full Team on Sage Audits
Managing Director at Sage Audits LLP

A Note on Independence

Sage Audits LLP performs formal attest services (SOC 1, SOC 2, and other examinations) as a licensed CPA firm. Professional independence standards require that attest and non-attest consulting services not be performed for the same client at the same time. Sage GRC consulting engagements and Sage Audits attest engagements operate separately to maintain this independence. If you need both, we can help you sequence the work and connect you with the right resources at the right time.

Ready to work with us?

Book a free 30-minute consultation and tell us about your compliance goals. We will help you figure out where to start.

Book a Free Consultation