Compliance Consulting

There may be a time when one of your own clients places security requirements on the data you manage through the services you provide them. Or perhaps meeting specific compliance initiatives is simply a requirement of your business. Compliance initiatives that a business is often required to meet include PCI-DSS, SOC 2, HIPAA, FISMA, and ISO 27001, to name a few. These have imposed stringent regulatory requirements even for small, privately held businesses. Rest assured, Electric Alchemy can help your company implement the security controls and documentation required by contractual specifications without breaking the bank.

We also provide compliance consulting for US Federal Government Agencies. Electric Alchemy consultants understand the intricacies of the many NIST guidelines and special publications. We can help you develop a compliance program that will make continuous monitoring, as well as certification and accreditation, cost-effective and efficient. And our experience in dealing with auditors from the Office of Inspector General (OIG) can assist your company in preparing for their annual audits. Proper preparation can make the potentially harrowing prospect of an OIG audit an efficient and amicable experience.

Our overall methodology for dealing with compliance matters is to “be secure first, and compliance will come naturally.” Compliance does not always equal security, but being secure usually means you are compliant.


We were referred to Electric Alchemy as a resource capable of assisting us in verifying that our products not only meet our internal standards but are also secure in the face of creative and rigorous attacks and exploit attempts.

— Len Sutton, Critical IT and Processes in Excellent Organizations