IT Service Offerings
Compliance Background
FFIEC (Federal Financial Institutions Examination Council)
HIPPA Security Rule Guidance
NIST SP800-171 - Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
AICPA SOC
IT and Cybersecurity Experience
Oversight
Strategy/Policies
Risk Management Program
Risk Assessment
Audit
Training
Threat Intelligence
Monitoring and Analyzing
Infrastructure Management
Access and Data Management
Device/Endpoint Security
Threat and Vulnerability Detection
Anomalous Activity Detection
Patch Management
Design and implement it controls with cybersecurity and compliance in mind
Information Security Program
Policies and Procedures
Incident Response Planning and Testing
IT/IS/Cybersecurity Training
Technology Infrastructure and Security
Network Infrastructure and Security
Server / Hypervisor Security
Workstation / Client Security
Mobile Application Management
Secure (Remote) Access Service Edge (SASE) Deployment
Secure Data Disposal
Security Monitoring
Intrusion Prevention
Logging and Monitoring Controls
Business Continuity Plan and Disaster Recovery
Business Impact Analysis and Risk Assessment
Disaster Recovery Testing and Training
Secondary Backup Location
Data Backup and Restore
Sample Service Contract Terms
At-Will: Written notice of at least 30 days’ notice
Payment: Hourly and Quarterly Billing
Payment Method: Credit/Debit Card, ACH, Check
Retainer: Not Required
Expenses: Client reimburse reasonable out-of-pocket expenses attributable directly to work performed
Status: Independent Contractor
Insurance: Client must maintain broad form commercial general and cyber/data breach liability insurance policy
Governing Law: California