Compliance – Audit

The old saw is that once you’re promoted to be a senior leader or officer of a company, you never hear the truth again. While that implies the worst, the saying contains a germ of truth, whether because of agendas, budget pressures, or lack of sophistication. Sometimes, a dispassionate review of security and privacy matters provides needed visibility or reveals an overlooked regulation, program, or best practice.

With its pragmatic orientation and understanding of the organizational drivers of security and privacy programs, Deer Brook’s team not only conducts audits and reviews based on regulations, but can also zero in on the most relevant risks for companies of any size. This focus on what constitutes effective, sustainable security and privacy measures provides meaningful insights for both information security professionals and organizational leaders.

Compliance Reviews & Gap Analysis

Why wait for an audit or regulator visit to know what issues need to be addressed? Companies find that methodology leaves them behind the curve, increasing staff pressure and often leading to expensive knee-jerk remedial actions that aren’t sustainable. Deer Brook provides compliance reviews and regulatory gap analysis to help its clients identify what needs to be done. With that insight, Deer Brook’s team can identify cost-effective, practical, and sustainable methods for closing those gaps and being ready for an internal or external review. Deer Brook’s seasoned team will also work with your staff to authoritatively respond to auditors and regulators, such as PCI QSAs.

Risk Assessments

Organization leaders manage risk with every decision. But can you manage risks that aren’t identified or build long-term budgets without knowing the company’s information security and privacy landscape? Deer Brook’s team helps clients by revealing risks and, more importantly, putting them in the context of industry norms and best practices for senior leaders. Deer Brook eschews fear mongering by getting to cost-effective and sustainable solutions to mitigate risks and arming company leaders with what they need to understand problems contextually.


Deer Brook’s team has the experience and knowledge to review your information security and privacy programs under industry standards to provide assurance of your compliance. Many companies cannot sustain internal audit groups, but find a gap that their typical external accounting firm cannot fill. From expansive to targeted audits of internal or regulatory frameworks, Deer Brook’s team can bridge that gap in an efficient and cost-effective manner.