Managed Services | GRC (Governance, Risk, and Compliance)

VTS Compliance

Compliance is not security. Organizations require the input of cybersecurity experts to avoid the pitfalls of over-reliance on audits and compliance as a replacement for proper due diligence and due care in preventing a cyber breach. We at VTS understand the struggle to establish industry standard certifications and meet the requirements of the compliance frameworks (i.e. HIPPA, PCI, ISO) across operations, systems and engineering personnel.

VTS provides compliance validation specialty teams in support of the customer’s specific needs for all regulated industry compliance frameworks, including Federal NIST 800-171 and CMMC compliance requirements. VTS will address Assessment and Authorization (A&A) Actions for the transition of legacy systems, policy analysis and development, and the implementation of new standards and emerging technologies within the client’s operational capabilities to support current and future Federal cybersecurity compliance requirements.

Information Assurance, Policy, Documentation & Training for Highly Regulated Environments

  • Cybersecurity / Risk Management Framework (CSF/RMF)
  • FAR & DFAR NIST SP 800-171 Compliance Framework (Commercial)
  • RMF/NIST SP 800-53, Rev. 4 (Federal Information Systems and Organizations)
  • NIST SP 800-82, Rev. 2
  • GDPR (General Data Protection Regulation 2016/679)
  • Information Assurance and the Risk Management Framework
  • HIPAA (Health Insurance Portability and Accountability Act)
  • PCI-DSS (Payment Card Industry Data Security Standard)
  • SOX (Sarbanes-Oxley) 2002
  • NERC (North American Electric Reliability Corporation) CIP 007-6 Requirement 2
  • NERC CSS (Cyber Security Standards)
  • ISO 27001 & 27002
  • ISO 15408
  • ISO 19092-1
  • ISO-IEC 15944
  • SAS 70 [Statement on Auditing Standards American Institute of Certified Public Accountants (AICPA)]
  • 1999 Gramm-Leach-Bliley Act
  • 2002 Homeland Security Act, including Federal Information Security Management Act (FISMA)