SERVICES

The online environment is evolving rapidly, and so are the threats to your organization. Additionally, organizations are being inundated by increasing and changing compliance and privacy requirements. To meet these challenges, security organizations must adopt a risk-based security model that:

  • Aligns with business priorities and goals.
  • Reduces complexity and increases cost-effectiveness.
  • Increases organizational satisfaction with information security and privacy programs.
  • Embeds security and privacy into the design and operation of the IT environment.
  • Improves prevention, detection and recovery capabilities.
  • Demonstrates compliance and proper risk management practices within the organization.

GramercyStreet offers a full complement of consulting and assessment services that will help your organization meet its security and privacy goals.


Start with where you are. Our first task will be to identify what you are currently doing with respect to IT security. FISMA compliance is how the government implements IT security, so you are likely doing many of these things already, and we want to ensure these are identified early in this process.


Measure your current level of compliance. The government has specific requirements and we will identify which you are currently meeting fully or partially and which we will need to evaluate for implementation.


Assess your business goals. This program will be your IT security program and must align with your business goals.


Risk analysis will allow us to understand the various impacts of implementing, or not implementing, FISMA security controls and therefore make appropriate decisions on what we will and will not implement in your environment.


Templates will allow us to quickly provide the initial deliverables the government requires and will also allow you to improve your compliance posture quickly and efficiently.

Information Security

  • Security Strategy and Governance
  • Security Policy, Process and Procedure Development
  • Security Architecture
  • Security Program Development
  • Penetration Testing
  • Cloud Security
  • Application Security
  • Mobile Device Security

Data Privacy

  • Privacy Risk Assessments
  • Privacy Program Creation
  • Vendor Management Program Development
  • Privacy Office Consulting
  • Privacy Policy Development

Compliance

  • FISMA
  • SOX
  • GDPR
  • PCI-DSS
  • NIST

Security Risk Management

  • Risk Assessments
  • Risk Management Program Development
  • Risk Register Development
  • Risk Treatment Plans
  • Third-Party and Vendor Risk Management
