Our Services

Our Services

POLICIES AND PROCEDURES AND RISK ASSESSMENT

We will evaluate your cybersecurity program and make a plan to close the gaps.

• Draft new, or revise existing, cyber and data security policies and procedures to address administrative, technical, and physical safeguards; focus areas include:
  • Risk assessment
  • Physical security
  • Hardware/software
  • Data
  • Network security
  • Service providers
  • And more
• Draft new, or revise existing, SEC and Regulation S-ID compliant policies and procedures
• Prepare and maintain and Incident Reponse Plan
• Conduct initial and annual cyber and data security risk assessments for client network

VENDOR MANAGEMENT SOLUTIONS

Stay up-to-date on how other businesses are handling your and your clients’ information.

• Assist in maintaining a well-documented vendor management program
• Maintain an approved vendor list
• Perform remote vendor due diligence reviews, conducted annually
• Complete onsite vendor due diligence reviews (optional)

TRAINING AND TESTING SERVICES

Test your network for vulnerabilities and train employees to keep it safe.

• Annual coordination of client network scanning (“penetration testing”)
• Coordination of ongoing employee phishing training
• Coordination of annual cybersecurity training
• Annual Regulation S-P training

DOCUMENTATION AND DELIVERABLES

We help you maintain a fully documented cybersecurity program.

• Annual production of:
  • Detailed outline of review parameters
  • Reports of phishing and penetration test results
  • Analysis of vendor due diligence
  • Documentation of risk assessments
  • Recommended updates to policies and procedures
• Assist with conducting incident response tabletop exercise scenarios
• Log of cyber and data security training and testing
• Records of risk assessments and findings