ONE FRAMEWORK TO MEET ALL YOUR CYBERSECURITY NEEDS
ONE FRAMEWORK TO MEET ALL YOUR CYBERSECURITY NEEDS
Testimonials
Testimonials
Compliance
Our streamlined processes, policy templates and standardized controls simplify compliance.
- ISO 27001 Compiance and Certification
- SSAE SOC 1 Audits
- SSAE SOC 2 Audits
- SSAE Readiness
- NIST Cybersecurity Framework Policy Templates
- NIST Cybersecurity Standardized Control Processes
- NIST Cybersecurity Control Training
- FedRAMP
- CUI
- AI
Our streamlined processes, policy templates and standardized controls simplify compliance.
- ISO 27001 Compliance and Certification
- SSAE SOC 1 Audits
- SSAE SOC 2 Audits
- SSAE Readiness
- NIST Cybersecurity Framework Policy Templates
- NIST Cybersecurity Standardized Control Processes
- NIST Cybersecurity Control Training
- FedRAMP
- CUI
- AI
Internal Audit Staff Augmentation
We have extensive experience performing IT audits, security assessments and providing Sarbanes Oxley and SSAE support. Our consultants are seasoned experts. We are efficient, provide timelines and detailed agendas in advance of meetings and have flexible pricing models to optimize each client’s fees. Our staff augmentation services include:
- Internal or External Audit support (IT audit, financial audit and/or operational audit at senior, manager or director levels)
- Security Assessments
- Incident Response, Disaster Recovery and Business Continuity Audits
- Sarbanes Oxley Control Testing
- Vendor Management security assessment
- SSAE SOC readiness and testing
QuickBooks Accounting and Financial Statement Services
Over 10 years experience with QuickBooks acting as the CEO or CFO of multiple organizations in a wide range of industries including: Real Estate, Healthcare, Property Management, Wholesale, Restaurant , and Consulting. As part of the IS Security Solutions team we strive to offer customized solutions for small businesses and pride ourselves on being very efficient to meet your business needs and budget.
QuickBooks Accounting and Financial Statement Services
Over 10 years experience with QuickBooks acting as the CEO or CFO of multiple organizations in a wide range of industries including: Real Estate, Healthcare, Property Management, Wholesale, Restaurant , and Consulting. As part of the IS Security Solutions team we strive to offer customized solutions for small businesses and pride ourselves on being very efficient to meet your business needs and budget.
IS Security Solutions, LLC was founded in 2004. Our consultants have expansive expertise in Audit, Process and Control Documentation and Training, Project Management, Process Improvement, Incident Response, Business Continuity, Compliance (NIST, AI, ISO, Sarbanes Oxley, PCI, HIPAA, SSAE SOC1 and SOC2) and IT General Computer Controls. Most importantly, IS Security Solutions is known for its preparedness, streamlined methodologies and quality results. Our goal is always to exceed expectations. We are prepared to step in as a member of your team or ready to run the engagement.
We are efficient, provide timelines and detailed client assistance guides in advance of meetings and only charge for time worked. If we come in under budget, that savings is yours.
IS Security Solutions, LLC has mapped NIST 800-53 Rev 5 to multiple regulatory compliance requirements including: Sarbanes-Oxley, SSAE SOC2 (AICPA Trust Services), CMMC, PCI and HiTrust. Our technical writer has developed corresponding policies and process templates that are clear, concise, and written with the intent of being implemented and adhered to by employees at every level. Our policies are not high-level generic documents, instead the content reads as process and procedure guidelines.
In our SOC 2 Control Matrix, we have mapped the AICPA’s 33 Common Criteria, 28 additional availability, confidentiality, processing integrity and privacy control objectives and approximately 200 point of focus to the corresponding NIST 800-53 Rev 5 compliance controls. Furthermore, we took the time to also provide a simplified version of the control wording to clarify the intent of the control. Next we defined the documentation or support that will be required for an audit as evidence the control is in place and working as intended. Lastly, we specified the procedures your auditor is likely to perform to help ensure a clean audit opinion.
Showing 1–6 of 29 results
-
SSAE18 SOC2 Readiness Package
NIST Cybersecurity Policy & $7,500.00 Add to cartComposed by our technical writer, this customizable package enables compliance with SSAE18 SOC2.
-
Third Party Service and Software Providers Policy and Inventory and Evaluation Templates NIST ID.AM-4
Policies $499.00 Add to cartComposed by our technical writer, this customizable Word document enables compliance with NIST ID.AM-4 Third Party Service and Software Providers Policy, Inventory Template and Evaluation Template
-
Business Continuity Plan Policy, Requirements and Test Templates NIST CP
NIST Control Audit Templates $499.00 Add to cartComposed by our technical writer, this customizable Word document enables compliance with NIST PR.IP-9 Contingency Planning
-
Risk Assessment Policy and Template NIST RA-1 & RA-3
Policies $399.00 Add to cartComposed by our technical writer, this customizable Word document enables compliance with NIST RA-1 Risk Assessment Policy.
-
NIST Cybersecurity Policies: IR-1 and IR-8 Incident Response Policy and Reporting
Policies$500.00Original price was: $500.00.$399.00Current price is: $399.00. Add to cartComposed by our technical writer, this customizable Word document enables compliance with NIST IR-1 Incident Response Policy and IR-8 Incident Response Plan.
-
Information Security Roles and Responsibilities Policy and Template NIST PM-1
Policies $399.00 Add to cartComposed by our technical writer, this customizable Word document enables compliance with NIST PM-1 Information Security and Privacy Program and Resources Policy.
AI Compliance
CUI Compliance
FedRAMP Readiness
NIST Cybersecurity Framework
NIST Policy, Procedure and Control Services
Third Party Service Provider Risk Services
SOC Type I Readiness
SOC Type II Readiness
Staff Augmentation
Cybersecurity Specialist
CISO
Director Internal Audit
Compliance Auditor
Six Sigma Process Reengineering
Incident Response Management
Business Continuity
Disaster Recovery
Project Management
IS Security Solutions, LLC is a consulting firm with expertise in cybersecurity, compliance, audit, disaster recovery, business continuity, project management and six sigma process improvement. We help clients document policies, implement controls and efficiently complete audit assessments with favorable results. Our approach is unique. We have created a single cybersecurity framework to meet all your compliance requirements. One set of policies, procedures, and controls to implement, train upon, enforce, audit, and update. We help IT teams increase security while implementing efficient control processes and procedures. Our project management skills are applied to all engagements to maximize output while recognizing efficiencies. Better, faster, cheaper… IS Security Solutions.
- NIST security policy documents and procedures templates written by our Technical Writer to allow for efficient implementation and to ensure they can be understood by employees throughout the organization.
- Our staff spent an estimated 120 hours developing these templates. That’s a cost savings of $18,000 and a time savings of at least three weeks. Writing cybersecurity policies can take an internal team months and it involves pulling your most senior and experienced experts away from daily job responsibilities.
- Our audit teams have years of experience. Our methodologies are proven to be simple, straight forward and efficient.
The importance of having a System and Information Integrity Policy
A System and Information Integrity Policy is a vital component of an organization’s cybersecurity program. It defines the policies and procedures required to ensure the integrity of an organization’s information technology systems and data, including identifying, protecting against, and detecting unauthorized changes to information. Here are some reasons why a System and Information Integrity Policy is crucial: Protection Against Data Tampering: A System and Information
The importance of having a System and Communication Protection Policy
A System and Communication Protection Policy is an essential component of any organization’s cybersecurity program. It outlines the policies and procedures that govern the protection of an organization’s information technology systems and communication channels from unauthorized access, use, modification, and destruction. Here are some reasons why having a System and Communication Protection Policy is crucial: Protecting Confidential Information: A System and Communication Protection Policy helps
Meet Our Founder
Wendi Finn
Wendi has passed both the CPA and CISA exams and has extensive project management and process improvement experience. Additionally, she has board experience having served as a member of the State of Ohio Audit Committee. She obtained a BS in Accounting and a Masters degree in Information Systems. She is an alumnus of Ernst & Young with 20 years of compliance, security and accounting experience. In 2004 she founded IS Security Solutions, LLC.