Ensures that documented IT policies and procedures, and associated practices, are aligned with best-practices and applicable regulatory requirements. Includes interviews with IT personnel and documentation review.
Policy review Procedures review Practices review documentation review IT interviews gap analysis compliance best-practices regulatory requirements
Security policies security procedures documentation security practices IT
Best-practices HIPAA SOC2/SSAE16/SAS70 FISMA ISO27002 NIST 800-53 CIPv5 PCI GLBA