IT Compliance Services

The Business Challenge

As technology becomes more advanced, regulations become more complicated. Failing to comply can result in large fines and legal entanglements that damage your reputation and wreak havoc on your bottom line. Even with those looming threats, many organizations put off compliance assessments. Without compliance experts on staff, businesses face an uphill battle, trying to achieve compliance while "learning on the job."

How We Help

Compliance assessment is an opportunity for your organization to take stock of its IT infrastructure, increase operational efficiencies, tighten security, and reduce liability. Regulatory compliance is a complement to other governance, cybersecurity, and risk management activities that provide valuable insight to IT and business leaders.

Contact us and we'll develop an approach that suits your business and compliance needs. 

The Details

We have expertise in addressing a wide variety of government and industry regulations, as well as globally accepted security frameworks.

Education

  • Children's Internet Protection Act (CIPA)
  • Children's Online Privacy Protection Act (COPPA)
  • Family Educational Rights and Privacy Act (FERPA)

Energy and Utilities

  • North American Electric Reliability Corporation (NERC) Standards

Financial Services and Insurance

  • Gramm-Leach-Bliley Act (GLBA)
  • Federal Deposit Insurance Corporation (FDIC) Standards
  • Federal Financial Institutions Examination Council (FFIEC) IT Security Handbook
  • Red Flags Rule
  • National Association of Insurance Commissioners (NAIC) Model Audit Rule (MAR)
  • National Credit Union Administration (NCUA) Standards

Healthcare

  • Health Insurance Portability and Accountability Act (HIPAA)
  • HITRUST Common Security Framework (HITRUST CSF)
  • Red Flags Rule

Public Sector

  • Criminal Justice Information Systems (CJIS)
  • Federal Information Security Management Act (FISMA)
  • National Institute of Standards and Technology (NIST) Special Publications 800 Series

And More

  • Center for Internet Security (CIS) 20 Critical Security Controls
  • Control Objectives for Information Technology
  • International Standards Organization (ISO) 27000 Series
  • NIST Cybersecurity Framework
  • Payment Card Industry Data Security Standards (PCI DSS)
  • Software Licensing
  • Sarbanes-Oxley Act (SOX)