Case Study: SaaS Software Company
Problem: A rapidly growing SaaS software had been asked by a large prospect to provide a description of the controls that were in place to protect customers’ data. While the company felt that they implemented good security practices they had no formal program or documentation to support it.
Case Study: Government Agency
Problem: As part of their PCI compliance initiatives a large government agency was required to evaluate required PCI controls, identify missing controls, remediate deficient controls and ensure that existing controls remained effective.
The scope of the cloud risk assessment included:
Case Study: Non-Profit
Problem: As part of their continued participation in a health network a Healthcare Organization was required to provide a HIPAA-based Information Technology Risk Assessment.
The scope of the risk assessment included: