Governance Risk and Compliance

Governance, Risk and Compliance Control Validation and Support

NTT Security Governance, Risk and Compliance (GRC) Control Validation and Support services enable clients to determine both business and compliance risk in the capture, processing, transmission and storage of controlled information. Controlled information includes sensitive data such as credit card data, protected health information (PHI) or personally identifiable information (PII).

Security First Focus

Many assessors take a “compliance first” approach to assessments without placing a priority on security. As a cyber security services company, NTT Security focuses on information security first, with regulatory compliance as an outcome of security. This approach helps our clients truly strengthen their security programs as well as achieve compliance.

Additionally, many of our consultants are certified in multiple regulatory areas, which offers clients experience and expertise beyond a specific regulatory scope. Some of the certifications held by our consulting staff include:

  • Payment Card Industry Qualified Security Assessors (PCI QSA)
  • HITRUST Common Security Framework (CSF) Practitioners
  • Certified HIPAA Security and Privacy Experts
  • ISO/IEC 27001:2013 Lead Implementers

In addition to these common security standards, NTT Security consultants have experience in many other data security, compliance and regulatory control sets. Contact NTT Security to inquire about specific expertise.

Services include:

  • Enterprise-Level GRC Consulting Services
  • Information Security Management System (ISMS) and Compliance Framework Development
  • Compliance Scope Discovery / Data Flow Mapping
  • Policy and Procedure Review and Development
  • Compliance Standard Assessment and Advisory Services
  • Design, Solution or Implementation Advisory Services
  • Readiness (Gap) Assessment
  • Remediation Support and Validation Services
  • Attestation Assessment and Submission Support
    - PCI Data Security Standard (PCI DSS)
    - HIPAA Privacy and Security Rules
    - HITRUST Common Security Framework
    - ISO 27001 / 27002
    - Other Data Security, Compliance or Regulatory Control Sets

Healthcare Study

The NTT Security-sponsored survey and response, "Healthcare Breach Response Study", not only reviews the key points of the study but also analyses the responses and gives recommendations for future security endeavors.
