About Us
IS Security Solutions, LLC was founded in 2004. Every member of the firm has 20+ years of corporate experience. Our consultants have expansive expertise in Audit, Process and Control Documentation and Training, Technical Writing, Project Management, Process Improvement, Compliance (NIST, ISO, Sarbanes Oxley, PCI, HIPAA, SSAE SOC1 and SOC2) and IT General Computer Controls (logical security, change management, computer operations, back-up and recovery). Most importantly, IS Security Solutions is known for its preparedness, streamlined methodologies and quality results. Our goal is always to exceed expectations. We are prepared to step in as a member of your team or ready to run the engagement.
IS Security Solutions, LLC’s fee schedule is simple. We charge a blended hourly rate, plus travel expenses incurred (limited to reasonable airfare, transportation, hotel, parking and per-diem as necessary). All of our consultants are seasoned experts; thus, you are not paying to train our staff. We are efficient, provide timelines and detailed client assistance guides in advance of meetings and only charge for time worked. If we come in under budget, that savings is yours.
IS Security Solutions, LLC has mapped NIST 800-53 Rev 5 to multiple regulatory compliance requirements including: Sarbanes-Oxley, SSAE18 SOC2 (AICPA Trust Services), CMMC, PCI and HiTrust. Our technical writer has developed corresponding policies and process templates that are clear, concise, and written with the intent of being implemented and adhered to by employees at every level. Our policies are not high-level generic documents, instead the content reads as process and procedure guidelines.
In our SOC 2 Control Matrix, we have mapped the AICPA’s 33 Common Criteria, 28 additional availability, confidentiality, processing integrity and privacy control objectives and approximately 200 point of focus to the corresponding NIST 800-53 Rev 5 compliance controls. Furthermore, we took the time to also provide a simplified version of the control wording to clarify the intent of the control. Next we defined the documentation or support that will be required for an audit as evidence the control is in place and working as intended. Lastly, we specified the procedures your auditor is likely to perform to help ensure a clean audit opinion.
NIST Cybersecurity Framework
NIST Policy, Procedure and Control Services
Third Party Service Provider Risk Services
SOC Type I Readiness
SOC Type II Readiness
Staff Augmentation
Cybersecurity Specialist
CISO
Director Internal Audit
Compliance Auditor
Sixth Sigma Process Reengineering
Incident Response Management
Business Continuity
Disaster Recovery
Project Management
IS Security Solutions, LLC is a consulting firm with expertise in cybersecurity, compliance, audit, disaster recovery, business continuity, project management and six sigma process improvement. We help clients document policies, implement controls and efficiently complete audit assessments with favorable results. Our approach is unique. We have created a single cybersecurity framework to meet all your compliance requirements. One set of policies, procedures, and controls to implement, train upon, enforce, audit, and update. We help IT teams increase security while implementing efficient control processes and procedures. Our project management skills are applied to all engagements to maximize output while recognizing efficiencies. Better, faster, cheaper… IS Security Solutions.
- NIST security policy documents and procedures templates written by our Technical Writer to allow for efficient implementation and to ensure they can be understood by employees throughout the organization.
- Our staff spent an estimated 120 hours developing these templates. That’s a cost savings of $18,000 and a time savings of at least three weeks. Writing cybersecurity policies can take an internal team months and it involves pulling your most senior and experienced experts away from daily job responsibilities.
- Our audit teams have years of experience. Our methodologies are proven to be simple, straight forward and efficient.
Meet Our Founder
Wendi Finn
Wendi has passed both the CPA and CISA exams and has extensive project management and process improvement experience. Additionally, she has board experience having served as a member of the State of Ohio Audit Committee. She obtained a BS in Accounting and a Masters degree in Information Systems. She is an alumnus of Ernst & Young with 20 years of compliance, security and accounting experience. In 2004 she founded IS Security Solutions, LLC.
