Services

ADHERE’s Review
Security assessments, risk assessments and vulnerability assessments can and should be done on a semi-annual or even more frequent basis. These reviews assist your company in obtaining the best view of security health from analyses provided by a trusted, independent, and confidential company.

ADHERE’s Advisory (PREP)
Federal, state, and industry-driven regulations require compliance from all companies. ADHERE is experienced in several regulations and compliance frameworks: SSAE16 SOC 2, HIPAA, NIST, FISMA/FedRAMP, GLB, ISO 17799/27001/27002, CA DBO and Privacy (for several states and countries). ADHERE does everything from assisting your company with auditing compliance to creating compliance for all systems, employees and third parties. As affiliates of AICPA, Expert Members of IIA.org, and educated in Risk and Technology, we are a unique team for preparation.

ADHERE’s SOC-as-a-Service
An MSSP (Managed Security Service Provider) assists companies in the practice of ISO 27001, PCI DSS and other compliance in meeting the criteria and controls of “Monitoring and Logging” without some of the tools and staff resource overhead. ADHERE assists companies with the Planning, Building and Running of a Security Operations Center, as well as the SIEM (Security Information and Event Management) as a Service. We partner with AlienVault and Hewlett Packard (HP) in building and running such SOCs.

ADHERE’s FedRAMP Program Preparation and Assistance
Before a Cloud Service Provider (CSP) can begin the Federal Risk and Authorization Management Program (FedRAMP) certification process, it must first implement FedRAMP compliant documentation and controls. ADHERE understands these requirements and how they pertain to each organization.

ADHERE’s ISO 2700x Preparation & Attestation
The International Organization for Standardization (ISO) 2700x series of Compliance provides for a common set of international standards for information security. Whether your organization is implementing ISO 27001, ISO 27002, or both, ADHERE can guide you through the process.

ADHERE’s SSAE 16 SOC 2 Preparation & Attestation
Statement on Standards for Attestation Engagements (SSAE) 16 SOC 2 is an auditing standard written for service organizations. While Service Organization Control (SOC) 1 reports primarily on financial institutions and their controls, the SOC 2 framework and reporting focus on technology service providers (such as data centers, cloud-based businesses, IT managed services, and software-as-a-service) as they pertain to five principles: Security, Availability, Integrity, Confidentiality, and Privacy of data held or processed by the service organization. In the chosen principles, we focus on Policies, Procedures, Communication and Evidence.

ADHERE’s Risk Assessments
Paramount to any organization’s security is an assessment of risk. Is your organization at risk? Where are the risks? Or more importantly, do you know what your risks are? Depending upon your organization’s Risk Treatment Plan (RTP), ADHERE can perform Quarterly and Annual Risk Assessments as one of our services. And if your company does not have a formal RTP, ADHERE can create one for you.

ADHERE’s InfoSec Security Programs & Training
Awareness and Training programs educate all companies in being alert and wise about security. Security does not remain constant; therefore, a practice should be established to ensure ongoing security awareness from your employees, contractors, consultants and vendors. ADHERE builds programs for large and small companies, ranging from 60-minute seminars to training policy manuals. These training materials and/or sessions assist you in meeting SOX, ISO and SSAE16 requirements.

ADHERE’s Attestation Service
A primary service ADHERE offers is its Attestation Service. The attestation is a formal review and scoring of your organization’s ISMS as it applies to the specific compliance (ISO 2700x, SSAE 16 SOC 2, PCI Readiness, FISMA, etc.) that your organization is striving to attain or maintain. It is important to point out that the attestation is NOT an audit; it is an independent third-party assessment culminating with a Letter of Attestation and Recommendation Package. The results or score of the attestation provides your Senior Leadership Team a unique insight as to whether you are ready to engage a formal audit firm.

ADHERE’s Business Continuity & Disaster Recovery Planning
Availability for every company is measured on the ability to continuously do business. Business Continuity and Disaster Recovery Planning is what the technical industry calls the practice phase. Fortune 500 companies are prepared with proper availability to meet business needs, redundant practices, resources, equipment and data centers. Other critical business systems need a method to survive any emergency, disaster, or third-party service outage. We have the expertise to analyze, plan and strategically document your ability to do this business.

ADHERE’s Awareness and Training
Awareness and Training programs educate all companies in being alert and wise about security. Security does not remain constant; therefore, a practice should be established to ensure ongoing security awareness from your champions, employees, contractors, consultants and vendors. ADHERE builds programs for large and small companies, ranging from 30-minute seminars to training policy manuals. These training materials and/or sessions assist you in meeting SOX, ISO and SSAE16 requirements.
