ONE FRAMEWORK TO MEET ALL YOUR CYBERSECURITY NEEDS
Testimonials
Compliance
Our streamlined processes, policy templates and standardized controls simplify compliance.
- ISO 27001 Compliance and Certification
- SSAE SOC 1 Audits
- SSAE SOC 2 Audits
- SSAE Readiness
- NIST Cybersecurity Framework Policy Templates
- NIST Cybersecurity Standardized Control Processes
- NIST Cybersecurity Control Training
- FedRAMP
- CUI
- AI
Internal Audit Staff Augmentation
We have extensive experience performing IT audits, security assessments and providing Sarbanes Oxley and SSAE support. Our consultants are seasoned experts. We are efficient, provide timelines and detailed agendas in advance of meetings and have flexible pricing models to optimize each client’s fees. Our staff augmentation services include:
- Internal or External Audit support (IT audit, financial audit and/or operational audit at senior, manager or director levels)
- Security Assessments
- Incident Response, Disaster Recovery and Business Continuity Audits
- Sarbanes Oxley Control Testing
- Vendor Management security assessment
- SSAE SOC readiness and testing
QuickBooks Accounting and Financial Statement Services
Over 10 years of experience with QuickBooks acting as the CEO or CFO of multiple organizations in a wide range of industries including: Real Estate, Healthcare, Property Management, Wholesale, Restaurant, and Consulting. As part of the IS Security Solutions team we strive to offer customized solutions for small businesses and pride ourselves on being very efficient to meet your business needs and budget.
IS Security Solutions, LLC was founded in 2004. Our consultants have expansive expertise in Audit, Process and Control Documentation and Training, Project Management, Process Improvement, Incident Response, Business Continuity, Compliance (NIST, AI, ISO, Sarbanes Oxley, PCI, HIPAA, SSAE SOC1 and SOC2) and IT General Computer Controls. Most importantly, IS Security Solutions is known for its preparedness, streamlined methodologies and quality results. Our goal is always to exceed expectations. We are prepared to step in as a member of your team or ready to run the engagement.
We are efficient, provide timelines and detailed client assistance guides in advance of meetings and only charge for time worked. If we come in under budget, that savings is yours.
IS Security Solutions, LLC has mapped NIST 800-53 Rev 5 to multiple regulatory compliance requirements including: Sarbanes-Oxley, SSAE SOC2 (AICPA Trust Services), CMMC, PCI and HiTrust. Our technical writer has developed corresponding policies and process templates that are clear, concise, and written with the intent of being implemented and adhered to by employees at every level. Our policies are not high-level generic documents; instead, the content reads as process and procedure guidelines.
In our SOC 2 Control Matrix, we have mapped the AICPA’s 33 Common Criteria, 28 additional availability, confidentiality, processing integrity and privacy control objectives and approximately 200 points of focus to the corresponding NIST 800-53 Rev 5 compliance controls. Furthermore, we took the time to also provide a simplified version of the control wording to clarify the intent of the control. Next, we defined the documentation or support that will be required for an audit as evidence the control is in place and working as intended. Lastly, we specified the procedures your auditor is likely to perform to help ensure a clean audit opinion.
- Computer Usage Policy NIST PL-4 & PS-6 (Policies, $299.00): Composed by our technical writer, this customizable Word document enables compliance with NIST PL-4 Rules of Behavior & PS-6 Access Agreements.
- System and Communication Protection Policy – NIST SC-1 (Policies, $299.00): Composed by our technical writer, this customizable Word document enables compliance with NIST SC-1.
- Security Configuration Policy NIST SA-4 (Policies, $299.00): Composed by our technical writer, this customizable Word document enables compliance with NIST PR.DS-1 SA-4 Security Configuration Policy.
- System and Information Integrity Policy – NIST SI-1 (Policies, $299.00): Composed by our technical writer, this customizable Word document enables compliance with NIST SI-1.
- System Development Life Cycle Change Management Policy NIST CM-1 (Policies, $299.00): Composed by our technical writer, this customizable Word document enables compliance with NIST PR.IP-1-3 CM-1 Configuration management policy and procedures.
- Identity Access Control Policies NIST AC-1 and IA-1 (Policies, $299.00): Composed by our technical writer, this customizable Word document enables compliance with NIST AC-1 and IA-1.
AI Compliance
CUI Compliance
FedRAMP Readiness
NIST Cybersecurity Framework
NIST Policy, Procedure and Control Services
Third Party Service Provider Risk Services
SOC Type I Readiness
SOC Type II Readiness
Staff Augmentation
Cybersecurity Specialist
CISO
Director Internal Audit
Compliance Auditor
Six Sigma Process Reengineering
Incident Response Management
Business Continuity
Disaster Recovery
Project Management
IS Security Solutions, LLC is a consulting firm with expertise in cybersecurity, compliance, audit, disaster recovery, business continuity, project management and six sigma process improvement. We help clients document policies, implement controls and efficiently complete audit assessments with favorable results. Our approach is unique. We have created a single cybersecurity framework to meet all your compliance requirements. One set of policies, procedures, and controls to implement, train upon, enforce, audit, and update. We help IT teams increase security while implementing efficient control processes and procedures. Our project management skills are applied to all engagements to maximize output while recognizing efficiencies. Better, faster, cheaper… IS Security Solutions.
- NIST security policy documents and procedures templates written by our Technical Writer to allow for efficient implementation and to ensure they can be understood by employees throughout the organization.
- Our staff spent an estimated 120 hours developing these templates. That’s a cost savings of $18,000 and a time savings of at least three weeks. Writing cybersecurity policies can take an internal team months and it involves pulling your most senior and experienced experts away from daily job responsibilities.
- Our audit teams have years of experience. Our methodologies are proven to be simple, straightforward and efficient.
The importance of having a System and Services Acquisition Policy
A System and Services Acquisition Policy is an important policy that defines the procedures and protocols that are involved in the acquisition of information technology systems and services by an organization. This policy is essential in ensuring that the organization acquires systems and services that are secure, reliable, and capable of supporting its business goals. Here are some reasons why a System and Services Acquisition
5 Important Reasons for Having a Personnel Information Transparency Policy
A Personnel Information Transparency Policy is a crucial part of an organization’s privacy strategy. It outlines the procedures and safeguards in place to protect the privacy of employees’ personal information, including their names, addresses, social security numbers, and other sensitive data. Here are some reasons why a Personnel Information Transparency Policy is essential for every organization: Protecting Employee Privacy: A Personnel Information Transparency Policy helps
Meet Our Founder
Wendi Finn
Wendi has passed both the CPA and CISA exams and has extensive project management and process improvement experience. Additionally, she has board experience, having served as a member of the State of Ohio Audit Committee. She obtained a BS in Accounting and a Master's degree in Information Systems. She is an alumnus of Ernst & Young with 20 years of compliance, security and accounting experience. In 2004 she founded IS Security Solutions, LLC.