Information Security Programs

Build a certified information security program

Get a leg up on your competition! Assure your clients that their information is secure on your systems. Demonstrate your information security operational excellence with a certified information security program which meets your industry framework requirements.

We offer project-based services to help you build information security programs, or their components, that adhere to common information security frameworks.

The projects can be for:

  • your organization as a whole

  • your department

  • one or more of your products or product lines

The following are representative projects with which we can assist:


  • Build / improve your information security program

        • Implement policies and procedures, security controls, and monitoring to meet common industry requirements using frameworks from COSO, NIST, ISO, and HIPAA

        • A project consists of scoping, gap assessment, policy creation / modification, controls design, controls implementation, controls monitoring, and applicable recurring training


  • Develop information security policies

        • Policies and procedures are developed, or existing ones modified, to meet the requirements of the control families in the applicable security framework. NIST 800-53, for example, has 20 control families.


  • Perform penetration tests

        • Working with your IT support staff, we perform internal and/or external network-based penetration tests to assess configuration or patch vulnerabilities in your network infrastructure.


  • Design and implement a secure software development program

        • For software developers, we work with your engineers to create software development life cycle policies that assure your deployed software follows secure development practices, such as those in ISO27034-1, reducing the risk that vulnerable software is deployed.

What our clients say:

"Surprised at how thorough this company's work is." - Dave W, CT.