Compliance

Failing an audit can highlight preventable risks and be a significant cost to your organization. With our experience in highly regulated organizations, we can prepare you to sail through your next audit.

We can run assessments based on common frameworks such as:  

• Center of Internet Security (CIS) Critical Security Controls
• National Institute of Standards and Technology (NIST) Risk Management Framework (RMF)
• NIST Cybersecurity Framework to assess the measures currently implemented to protect your critical assets) 

We can review organizational policies, procedures, guidelines, and technology controls to ensure compliance with industry standards. Applicable frameworks include: 

• Health Insurance Portability and Accountability Act (HIPAA)
• Gramm-Leach-Bliley Act, Federal Information Security Management Act (FISMA)
• Payment Card Industry Data Security Standards (PCI-DSS)
• California Consumer Privacy Act (CCPA) for doing business in California 
• General Data Protection Regulation (GDPR) for doing business in Europe