IT Compliance Services

The Business Challenge

As technology becomes more advanced, regulations become more complicated. Failing to comply can result in large fines and legal entanglements that damage your reputation and wreak havoc on your bottom line. Even with those looming threats, many organizations put off compliance assessments. Businesses without compliance experts on staff face an uphill battle: they have to become compliant while still learning what compliance requires.

How We Help

Compliance assessment is an opportunity for your organization to take stock of its IT infrastructure, increase operational efficiencies, tighten security, and reduce liability. Regulatory compliance is a complement to other governance and risk management activities that provide valuable insight to IT and business leaders.

We're IT GRC experts and business partners. We look at each engagement as an opportunity to refine your IT infrastructure and operations, maximizing your investment in time and money. 

Contact us and we'll develop an approach that suits your business and compliance needs. 

The Details

We have expertise addressing a wide variety of regulations across many industries.

Financial Services

  • Gramm-Leach-Bliley Act (GLBA)
  • FFIEC IT Security Handbook

Healthcare

  • HIPAA Security Rule
  • HITRUST
  • HITECH
  • Red Flags Rule

Energy

  • North American Electric Reliability Corporation (NERC)
  • Federal Energy Regulatory Commission (FERC)

And More

  • Payment Card Industry Requirements (PCI DSS)*
  • National Association of Insurance Commissioners (NAIC) Model Audit Rule
  • Criminal Justice Information Services (CJIS)
  • Children’s Internet Protection Act (CIPA)
  • SANS Top 20 Critical Security Controls
  • Software Licensing
  • Sarbanes-Oxley (SOX)

 

*PCI DSS 3.0 went into effect on January 1, 2015.