- Massachusetts 201 CMR 17 Compliance – The Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) released the “Standards for the Protection of Personal Information of Residents of the Commonwealth” (the “Regulation”), establishing standards for protecting Massachusetts residents’ personal information. This law sets forth guidelines establishing protection mechanisms such as encryption of documents, secure wireless data transmission, deployment of secure architectures and usage of security policies and procedures. The regulations also require businesses to complete internal and external security risk assessments.
- HIPAA Security – We provide our clients comparative information and baselines against industry standard practices in addition to the HIPAA mandated review items in the Security Rule. A complete assessment as required under the HIPAA risk assessment specifications includes on-site interviews with personnel, system analysis, policy and procedure review and remediation suggestions.
- Physical Security Survey – A KRAA Physical Security Survey (PSS) comprises a comprehensive overall security survey that identifies risks and targets what can be considered high-risk areas. You have a due diligence responsibility to have your property assessed to prevent security incidents such as physical assaults on people, thefts of your company assets and property damage caused by vandals.
- E-Discovery and Forensics – Every regulation and lawsuit has a component of E-Discovery and Forensics. KRAA Security provides computer forensic services to gather and analyze records from electronic devices to help find the evidence you need to prove your case! We have one of the most comprehensive service offerings in the industry, ranging from forensic imaging to data recovery and proactive employee monitoring services.
Many organizations face requirements from internal and external auditors, business partners or regulatory bodies. Usually your security team is required to help provide an analysis of the environment but may not have the breadth of experience to cover all areas of security. Outside assistance is typically required to address audit and compliance requirements.
An information security compliance audit is an in-depth appraisal of the organization’s adherence to existing policies and industry best practices, and an identification of areas of weakness that need to be addressed to meet business needs or regulatory and compliance requirements. We will assess the existing weaknesses and develop countermeasures in the three areas of people, process, and technology.
We can analyze your compliance measures against popular regulations such as SOX, HIPAA, and PCI. We can help you determine the most cost-effective software, procedure, and process compliance measures to adhere to regulatory standards. Through our gap analysis approach, we design a remediation process and identify mitigating controls.