Information Security Compliance Assessments
Our Information Security Compliance Assessment provides you with a comprehensive report of your company’s current security posture through a thorough evaluation of the organization’s technical, management and administrative controls. Stratus Cyber conducts an in-depth review of information technology general controls through on-site interviews with key stakeholders, physical walk-throughs and data/artifact collection to provide you with a concise yet comprehensive look into your organization’s information security program.
Our security experts bring a broad understanding of, and experience with, security frameworks, standards and disciplines that you can count on. We specialize in assessing against the following:
- Federal Information Security Management Act (FISMA)
All federal agencies and contractors are required by law to comply with the Federal Information Security Management Act of 2002, updated in 2014.
- Payment Card Industry Data Security Standard (PCI DSS)
A proprietary standard created by credit card companies for organizations that handle major credit cards, including Visa, MasterCard, American Express, Discover, and JCB.
- NIST 800 Series Special Publications
NIST uses the Special Publication subseries to publish computer/cyber/information security guidelines. Several popular ones include:
- NIST 800-53
- NIST 800-171
- Risk Management Framework (RMF)
The RMF is the unified information security framework for the entire federal government that replaced the legacy Certification and Accreditation (C&A) processes within federal government departments and agencies, the Department of Defense (DOD) and the Intelligence Community (IC).
- Federal Risk and Authorization Management Program (FedRAMP)
The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.