Governance, Risk Management, Compliance (GRC)
We can develop the solution for your GRC/Security/Privacy implementation, and perform and monitor the execution of assessments of information systems against multiple frameworks, as well as overall risk management.
GRC/Security/Privacy frameworks include:
GRC for cloud platforms, Compliance as Code
Federal Risk and Authorization Management Program (FedRAMP)
National Institute of Standards and Technology (NIST) Risk Management Framework (NIST RMF)
National Institute of Standards and Technology (NIST) Cybersecurity Framework (NIST CSF)
Federal Information Systems Management Act (FISMA)
Center for Medicare & Medicaid Services (CMS) Minimum Acceptable Risk Standards for Exchanges (MARS-E)
Health Information Portability and Accountability Act (HIPAA) Security Rule (HSR)
Department of Commerce Privacy Shield
Cloud Security Alliance (CSA)
International Organization for Standardization (ISO) 27000 Series
General Data Protection Regulation (GDPR)
Center for Internet Security (CIS) Benchmarks
Center for Internet Security (CIS) Critical Security Controls
Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs)
Information Technology Infrastructure Library (ITIL)
Control Objectives for Information and Related Technologies (COBIT)
Payment Card Industry Data Security Standards (PCI-DSS)