Strategic Advisory Services : A Virtual CISO
The volume, complexity, and inherent risk of today’s enterprise information are forcing organizations to rethink how they govern their information. Applying policies in a transparent, consistent manner is the key to automating governance at scale.
We employ and engage some of the top CISO’s (Chief Information Security Officers) in the industry as advisers and consultants to our clients in order to establish regulatory compliant and best practice processes and policy to assure a strong and layered cyber-defense posture.
Processes related to the capture and management of paper and electronic records from all enterprise systems demand compliance with regulatory requirements such as Privacy, Freedom of Information, Dodd-Frank and HIPPA with policy based security, access and retention.
Government agencies are uniquely exposed to records management requirements specifically to DoD5015.2 and VERS, the International standard of records management, ISO 15489:2001, and elements of ISO 16175: Principles and Functional Requirements for Records in Electronic Office Environments.
Our team of seasoned CISO’s are fully qualified and certified to perform and/or prepare audits for all records management requirements along with SOC 2, PCI-DSS ROC, ISO/IEC 27001, FIPS/NIST 800-53, FISMA, HIPAA-HITECH and “meaningful-use” risk.
We suggest the development and implementation of a set of specific cyber-security policies addressing all IT business practices, particularly those dealing with information and personal records to assure that employees, vendors, partners and contractors are in synchronization with human behavior requirements for operating in a situationally aware cyber-secured environment.
These policies include industry best practices related to the protection, storage and handling of sensitive and private government and personal employee information and the development of audit-ready practices and processes for insuring information safeguards required by current law.
Our CISO’s would be happy to conduct a quick review your current policies and practices and provide you with a summary overview of where you stand in light of regulatory compliance and best practices for your industry.