IT Compliance Services
The Business Challenge
As technology becomes more advanced, regulations become more complicated. Failing to comply can result in large fines and legal entanglements that damage your reputation and wreak havoc on your bottom line. Even with those looming threats, many organizations put off compliance assessments. Businesses without compliance experts on staff face an uphill battle, trying to achieve compliance while "learning on the job."
How We Help
Compliance assessment is an opportunity for your organization to take stock of its IT infrastructure, increase operational efficiencies, tighten security, and reduce liability. Regulatory compliance is a complement to other governance, cybersecurity, and risk management activities that provide valuable insight to IT and business leaders.
Contact us and we'll develop an approach that suits your business and compliance needs.
We have expertise addressing a wide variety of government and industry regulations, as well as globally accepted security frameworks.
- Children's Internet Protection Act (CIPA)
- Children's Online Privacy Protection Act (COPPA)
- Family Educational Rights and Privacy Act (FERPA)
Energy and Utilities
- North American Electric Reliability Corporation (NERC) Standards
Financial Services and Insurance
- Gramm-Leach-Bliley Act (GLBA)
- Federal Deposit Insurance Corporation (FDIC) Standards
- Federal Financial Institutions Examination Council (FFIEC) IT Security Handbook
- Red Flags Rule
- National Association of Insurance Commissioners (NAIC) Model Audit Rule (MAR)
- National Credit Union Administration (NCUA) Standards
- Health Insurance Portability and Accountability Act (HIPAA)
- HITRUST Common Security Framework (HITRUST CSF)
- Red Flags Rule
- Criminal Justice Information Systems (CJIS)
- Federal Information Security Management Act (FISMA)
- National Institute of Standards and Technology (NIST) Special Publications 800 Series
- Center for Internet Security (CIS) 20 Critical Security Controls
- Control Objectives for Information Technology
- International Standards Organization (ISO) 27000 Series
- NIST Cybersecurity Framework
- Payment Card Industry Data Security Standards (PCI DSS)
- Software Licensing
- Sarbanes-Oxley Act (SOX)