NTT Security Governance, Risk and Compliance Control (GRC) Validation and Support services enable clients to determine both business and compliance risk in the capture, processing, transmission and storage of controlled information. Controlled information includes sensitive data such as credit card data, protected health information (PHI) or personally identifiable information (PII).
Security First Focus
Many assessors take a “compliance first” approach to assessments without placing a priority on security. As a cyber security services company, NTT Security focuses on information security first, with regulatory compliance as an outcome of security. This approach helps our clients truly strengthen their security programs as well as achieve compliance.
Additionally, many of our consultants are certified in multiple regulatory areas, which offers clients experience and expertise beyond a specific regulatory scope. Some of the certifications held by our consulting staff include:
In addition to these common security standards, NTT Security consultants have experience in many other data security, compliance and regulatory control sets. Contact NTT Security to inquire about specific expertise.
- Information Security Management System (ISMS) and Compliance Framework Development
- Compliance Scope Discovery / Data Flow Mapping
- Policy and Procedure Review and Development
- Design, Solution or Implementation Advisory Services
- Readiness (Gap) Assessment
- Remediation Support and Validation Services
- Attestation Assessment and Submission Support
- PCI Data Security Standard (PCI DSS)
- HIPAA Privacy and Security Rules
- HITRUST Common Security Framework
- ISO 27001 / 27002
- Other Data Security, Compliance or Regulatory Control Sets
The NTT Security-sponsored survey and response, "Healthcare Breach Response Study", reviews the key points of the study, analyses the responses and gives recommendations for future security endeavors.