eCompliantz services, methods and approach can be likened to a SWAT team.  A SWAT team visualizes a quick response team of highly experienced and specialized personnel that rapidly address difficult and critical problems to a conclusion in a short time period. The eCompliantz team  is a group of highly trained professionals who have been trained and gained valuable expertise at the FBI, intelligence agencies, audit firms and recognized commercial firms in security and audit positions. We use them in engagements for business security, information security, risk management, security beach management and compliance audit reviews.
Our Personnel have at least 10 years experience in their field of expertise. They are motivated, professional, object oriented  and highly focused on meeting their assigned objectives on schedule.   
        We Price our services on a unique  fixed-fee basis using our Timebox methodology. We never like time and materials pricing nor do our clients because you never know what the end cost is going to be.  Our extensive experience in this field enables us to estimate a project based on  similar  assignments we have undertaken before.   
  
        Services are customized  to a clients specific needs and budgets. Security and Compliance is a generic category, however, each  client’s needs are rather unique in business processes, functionality, corporate culture and technology operation.

     Business Physical Security Assessment:
Site security Assessment & Recommendations
Access Review and recommendations

     Business Information Security Assessment: 
Electronic information is  the business critical lifeblood for a corporation. 
Information can be compromised in a matter of a few seconds by external and internal factors.  We conduct a comprehensive review of corporate security  from an information technology viewpoint denoting weaknesses as low, medium or high risk. We not only review and test perimeter defenses for external threats , we review policies and procedures as well as review risk from employees, contractors, visitors and business partners. Compliance Regulations embody many controls related to risk and security, these controls are also reviewed and reported. Loss of information assets could mean the suspension of corporate business, so we review business continuity policy and procedures. We use the internationally recognized ISO 17799 standards for our review, and we can assist our clients in achieving in the advantageous ISO 27005 certification. Our report will iclude a Gap Analysis identifying tasks that need to be achieved in order to be secure and/or compliant.  

  • Corporate Security Policy - design and evaluation 
  • Corporate Security Audit - processes and technology 
  • Business Continuity - Review of policy and procedures 
  • Risk Mitigation - Review of processes, procedures and practices 
  • Technology Asset Review 
  • Regulatory Compliance - Audit and Gap Analysis 
  • Personnel Assessment relative to security, risk management and compliance
  •  ISO 17799 / 27001 audit



      Technology Security Assessment: 
Corporate management often say, we have spent all this money on IT security software and equipment, we must be secure. Not necessarily, invariably the lack of specific expertise in an IT department can mean acquisition of  inadequate software and equipment. We will review your vulnerabilities through tests and assessments, then review the technology, policy and procedures in operation then report on your true security  scorecard.

  • Evaluate IT Security policy and procedures 
  • Evaluate IT Network and Infrastructure
  • Evaluate Intrusion detection and Risk Mitigation capabilities 
  • Network Security Vulnerability Assessment 
  • Network Forensics 
  • Penetration Tests



      Compliance  Regulations Assessment:
Technologists are experienced in their technical field, however,   compliance regulations are typically not their area of expertise.  It can be expensive for a corporation to fail a compliance audit, or if there is a compromise of financial data and subsequent federal/state audits uncover a state of non-compliance. We live in an age when authorities wish to make an expensive statement to violators in order to deter other potential violators. We provide a review against  regulations for which you need to be compliant. 

  • Review Compliance processes and procedures: 
  • Audit assessments for SAS70, Sarbanes-Oxley (S 404), HIPAA, FISMA, GLBA, PCI, etc 
  • Data Reliability audit



      Business Continuity Assessment: 
Disasters,  sabotage, terrorism, pandemics,  may cause the loss of key information and information assets.  What is your business continuity plan?  We provide an expert assessment and report.

  • Business Continuity policy and procedures 
  • Business Continuity solutions 
  • Pandemic policy and procedures



      Security Breach Response  for Information Technology: 
Your company has been compromised by a hacker, or suffered the disruption of a “virus”/ “worm”, or employees/contractors/business partners have compromised vital information that will cause harmful publicity, potential loss of customers, potential loss of corporate value, litigation, etc. We assist in managing and controlling that situation to minimize exposure and track the perpetrators using our forensics expertise.

  • Incident Response policies and procedures 
  • Incident Management - manage tasks and events when an incident occurs 
  • Forensics - Specify and managing tasks to collect forensics for investigation or litigation