FishNet Security's dedicated team of Governance, Risk and Compliance (GRC) professionals understand the business and technical needs that drive an effective and efficient information security program. We have a long history of evaluating and building information security programs for organizations of all types and sizes within a wide range of industries.
Our consultants help organizations move from fragmented, compartmentalized GRC solutions to programs that strategically address the big picture to support any business. With effective, proven programs in place, organizations can establish governance controls, continually examine the existing environment, and define risk management activities in a coherent framework that enhances decision-making and analysis to support growth and high performance.
FishNet Security's comprehensive GRC offerings include:
- Security Program Review, Gap Analysis and Strategic Planning; based on specific benchmarks such as:
- ISO 27001/2
- FISMA / NIST 800-53
- Information Security Program Model (ISPM) Executive Workshop
- Archer eGRC Solutions – Implementation Professional Services
- Business Partner Security Assessments
- Business Continuity Planning/Disaster Recovery (BCP/DR)
- Vulnerability and Threat Management Program evaluation
- Risk Management/Assessments
- Security Policy Review, Gap Analysis and Development
- Physical Security Reviews
- Business Continuity Maturity Model© (BCMM) Assessment
- Cloud-based infrastructure and security lab