Virtual ISO™

Fractional Information Security Officer Services

 

Overview

Whether you’re in a regulated industry such as government, banking or healthcare, or a small business that takes credit card payments, every 21st-century business has data protection requirements. You have a business to run, but you don’t want to face the potential fines and reputational damage that could put you in the headlines. Assura’s Virtual ISO™ is designed for small to mid-sized organizations that need someone to take charge of data security and compliance but cannot justify the expense of a full-time Information Security Officer. The result is world-class security and compliance that delivers strategic value at substantial savings without giving up a thing.

Services that Get Results

Virtual ISO™ includes the following services:

  • Day-to-day security management
  • Security policies, procedures, and plans
  • Security processes and procedures
  • Security awareness training
  • Security and compliance assessments
  • Risk assessments
  • Third-party vendor oversight
  • Secure system development
  • Investigation of security breaches and leadership of the response
  • Recurring compliance activities
  • Audit defense

Compliance Expertise

Assura’s security professionals are experts in compliance with laws, regulations and standards such as:

  • CJIS
  • COBIT
  • FERPA
  • FFIEC
  • HIPAA/HITECH
  • ISO 23001
  • ISO 27001/27002
  • ISO 31000
  • IRS 1075
  • NIST SP 800-53
  • NIST SP 800-37
  • PCI DSS
  • SOX
  • SSAE-16/SOC 2
  • State-level security standards and data protection laws

And of course, Assura’s Virtual ISO™ service is backed by our unique AuditArmor™ Guarantee!