Hector M.

GLBA Gap Analysis Risk Assessments Information Systems Vulnerability Assessments (Nessus Scan results Advanced Social Engineering Testing (GLBA Pretexting Analysis)(Recon, Intrusion, Phishing Emails, Pen/media exploitation, etc) SOC 2 (AT101), Type 1 Readiness Review SOC 2, Type 2 Examinations SOC 1 (SSAE16), Type 2 Examinations Payment Card Industry Data Security Standard (PCI DSS) Sarbanes Oxley Section 404 reviews and controls. IT Governance (CobiT) Affordable Health Care Act Requirements Business Associate Reviews and Requirements for HIPAA (OCR requirements) Health Insurance Portability and Accountability Act Requirements Information Asset Identification and Classification (ISO 27000) Information Data Leak Prevention- implementation of controls: PGP Whole Disk Encryption PGP Endpoint Symantec Vontu Media Sanitization (NIST SP. 800-88) Disaster and Recovery/ IS Continuity Audits/Assurance