Assessment and Certification


At Taranet, we have collapsed several industry standards into a comprehensive, holistic assessment and certification program that protects organizations at every level: organization, business process and information system.

Our process is scalable and personalized.

We protect your world - from the business office to the cloud

Taranet applies a risk-based strategy to all our assessment and certification efforts. We’ll evaluate your Risk Management Strategy by examining how your organization assesses, responds to, and monitors information security risk. In addition, we can help you determine your risk tolerance, that is, the level of uncertainty that is acceptable to you. Finally, based on that information, we will assess the effectiveness of the security controls implemented to mitigate your security risk to an acceptable level.

ASSESSMENTS

Security Status Assessment

A low-cost “Quick Look Report”, the Security Status Assessment is a basic assessment of your system executed by running a diagnostic test, performing employee interviews and reviewing your existing security documentation. We provide your organization with a security status report highlighting any areas that can be improved upon. This assessment can be scheduled at regular intervals to verify adherence to compliance requirements.

Risk Assessment

Taranet analyzes the results of a Security Status Assessment against current threats to assign a risk priority to each vulnerability. The resulting report allows the client to prioritize the distribution of resources for corrective action, bringing or keeping risks within the acceptable risk tolerance.

According to a recent survey from Ernst & Young, only 30% of companies have an IT Risk Management Plan in place that addresses the increasing risks related to the use of new technologies.

Certifications

Federal Information Security Management Act (FISMA) Compliance

Utilizing several NIST Special Publications (800-37, 800-39, 800-53, and 800-60), Taranet evaluates your compliance with the Federal Information Security Management Act.

Health Insurance Portability and Accountability Act (HIPAA) Compliance

Utilizing NIST Special Publications (800-37, 800-39, 800-53, 800-60, and 800-66), Taranet comprehensively assesses your information security program for safeguarding Protected Health Information (PHI) and HIPAA compliance.

Gramm-Leach-Bliley Act (GLBA) IT Compliance

The Gramm-Leach-Bliley Act (also known as the Financial Services Modernization Act of 1999) was enacted to control the ways that financial institutions utilize personal information. Taranet verifies compliance with “The Safeguards Section”, which requires financial institutions to implement an information security program.

Sarbanes-Oxley (SOX) IT Compliance

Sections 302, 404 and 409 of the Sarbanes-Oxley Act require public companies to implement proper information security controls. Utilizing industry standards for information security, Taranet evaluates your information security program and verifies that you are in compliance with the Sarbanes-Oxley Act.

Executive-level training at your facility or ours

Security training can encompass new and pre-existing security policies and procedures.


Take control before hackers do
