Regulatory standards
If your company is involved in the health care field, credit card processing, government, or has to comply with a particular security standard, we have a package that will ensure compliance, regardless of the required standard. We can ensure your company is in compliance with the following standards and will pass all certifications.
- International Standards Organization (ISO 27000)
- Sarbanes-Oxley (SOX)
- Payment Card Industry (PCI)
- Health Insurance Portability and Accountability Act (HIPPA)
- Foreign Ownership, Control or Influence (FOCI)
- Federal Information Security Management Act (FISMA)
- Department of Defense (DOD)
- National Industrial Security Program Operating Manual (NISPOM)
- Federal Information Security Management Act (FISMA)
- Control Objectives for Information and related Technology (COBIT)
We also have packages and services available if you are simply concerned with security, but do not have any particular compliance requirement.
How it's done
We start out by doing a complete risk assessment. The information discovered during the risk assessment is mapped to a particular compliance standard or desired security level. The output of this process is a complete gap analysis. We will create a plan that addresses and solves any identified gaps. We then implement the plan in a timely fashion, meeting all milestones. Following the implementation is a comprehensive analysis and certification of compliance. Our final process is a steadfast continuing commitment to ensure compliance long into the future through auditing and timely checks to ensure the highest security standards.
Phillips Consulting, Inc.