All your data needs to be protected. We can help.
Protecting this data is keeping the CIO's and CISO's up at night. Novacoast can help them rest easy knowing they have a trusted partner looking out for their needs. We have experience implementing compliant protection of everything from personal credit card data (PCI-DSS) to personal identifiable information (PII), personal health information (PHI) to corporate financial data, personal financial data and nearly everything else.
Most regulations boil down to a single sentence command: Implement IT security to protect data. But while most compliance solutions focus solely on technical controls (servers, databases etc.), Novacoast can ensure no people and processes are left out. Let us give your team a holistic view of policy enforcement and control.
We can show you how to incorporate your organization's risk ratings into the system for monitoring and reporting. This will help the Risk Department get IT and other departments to align with the knowledge and processes that go into assessing risk.
What we do:
- Provide independent review and assessment of internal controls
- Assessment and writing of policies and procedures
- Provide security awareness training for every level of the organization
- Incident response team on call and ready to assist
- Staffing of IT staff with security knowledge
- For SOX: Verification that internal controls are in place and that financial information reported to the SEC are true and accurate for investors
- FISMA: Implementation of the required FISMA - NIST standard
What you need to know:
- The CEO/CFOs of public US companies are required to certify that they have reviewed and approved the veracity of the financial reporting of their organization.
- SOX requires auditor independence and rotation
- FISMA requires that information security is aligned with the National Institute of Standards and Technology (NIST) Special Publication 800-XX series.
- Information Security is important to SOX to ensure that there is an audit trail of all changes that may affect the accuracy of reporting the organization's financial position.