Question: How can we do business with you?
Answer: We will do an initial consult, then if we agree we can help you, send you a digital agreement with deliverables, terms and conditions. It is very simple.
Question: What type of support can you provide?
Answer: We can come in on very short duration and targeted analysis as well as projects. We like to limit the engagements to 90-120 days with shorter sprints built in. We can provide continuing advisory services to support a variety of programs, but typically you will want to test our results before going this route.
Question: How do you get up to speed if we need to move quickly?
Answer: We have been trained extensively in performance improvement, technology management, risk and compliance management and frameworks. We work with the client to do a quick assessment and develop what project success looks like, what project deliverables will be required, and what leaders intent will look like.
Question: Can you really uncover the "Big Rocks" even if we already have a firewall, anti-virus and malware protections?
Answer: Oh yes! Often items are overlooked such as having an up to date Enterprise Architecture, Data Flow Models, Threat Models, and Actionable Policies. Uncovering these overlooked items makes the difference between moderate maturity to more advanced maturity.
Question: What type of audits do you perform?
Answer: We have expertise and work to help our clients assess their security, threats and vulnerabilities, risk, compliance, and maturity. We can also get a business ready for audits from its clients. This includes getting the business ready for an audit by a security professionals, compliance specialists or auditors. In some situations like Payment Card Industry (PCI) and Service Organization Control (SOC) 2 we work with our clients and the outside auditors to maximize efficiencies and minimize costs.
Question: Do you have experience working with large Fortune 500 type organizations?
Answer: Yes. In our work we help small and medium businesses work with their clients and provide what we call rapid response capabilities to respond to audits coming from the Fortune 500. Typically this involves working with the small business and the Fortune 500 CISO or Security Officers and Compliance Officers.
Question: Do you provide ongoing managed services for maintaining compliance?
Answer: Yes, we will design a customized portal on your infrastructure or will offer one through our cloud service, depending on the requirements.
Question: Can you help us find the right technology to meet our security and compliance needs?
Answer: Yes, have built a library of solutions matched to a variety of security and compliance needs. We will help you pick the right solution for your organization
Question: Can you manage our IT Infrastructure?
Answer: We will help you put an infrastructure in place including coming up with the best model of how to manage your infrastructure. We often work with IT Outsourcing Vendors, such as Managed Services Providers and Managed Security Services Providers that can bring you tremendous cost advantages and systems administration experience. We also help with the contracting and developing Master Services Agreements (MSAs) and then help you on-board a vendor of your choice.
Question: We don't really understand IT, can you help us communicate with Vendors and Suppliers?
Answer: Yes, we work with our SMB clients including developing gap closing requirements to improve security and compliance. We then work with the Vendors and Suppliers, such as outsourced IT (managed services) or outsourced Security, and communicate, manage, and track SMB security and compliance initiatives.his is a long form text area designed for your content that you can fill up with as many words as your heart desires. You can write articles, long mission statements, company policies, executive profiles, company awards/distinctions, office locations, shareholder reports, whitepapers, media mentions and other pieces of content that don’t fit into a shorter, more succinct space.