Compliance Assessment
In this phase, Orange Parachute evaluates your current compliance management program for conformance to legal and regulatory strategic, tactical, and operational requirements, utilizing ISO 27001 as a baseline mapped to your specific regulatory requirements. Many organizations already have some form of compliance program in place, although it may be informal. We assess your current infrastructure for reusability, so as not to reinvent the wheel. This assessment serves as a foundation for enhancing corporate governance and establishing a formal Compliance Management System (CMS).
Compliance Assessments
Orange Parachute's Compliance Assessments evaluate an organization's operational compliance posture. Each assessment results in a gap analysis report designed to give your team the insight and recommendations needed to ensure visibility into whichever regulation you are seeking to comply with.
In addition to evaluating the existence of necessary controls, Orange Parachute compliance assessments recognize the maturity of controls, rating them on a scale of 0 to 5, utilizing the Capability Maturity Model (CMMi). This rating assists with prioritizing compliance efforts and serves as a roadmap for the remaining phases of Compliance Management System implementation.
Types of Assessments:
- ISO 27001 / ISO 27002
- PCI-DSS
- SOX
- HIPAA
- GLBA
- FISAP (BITS Shared Assessments)
- FISMA
- BASEL II
- EU Directive
- SB 1386 (and other security breach-related regulations)
- Any other compliance initiative
