Compliance and Policy Services
COMPLIANCE GAP ANALYSIS, INTERVAL AUDITS, POLICY ASSESSMENT & ORIGINATION

Service Overview - Compliance

Senior executives are ultimately responsible for making sure their business meets government-mandated IT compliance standards. Third-party verification may be mandated and is essential to avoiding missteps prior to an audit. Compliance has become an integral part of all business operations. The constantly changing nature of regulations requires organizations to develop a comprehensive and thorough risk and compliance management program.

MainNerve's experience in healthcare, finance, energy, manufacturing, and education uniquely qualifies us to assist you in meeting the security standards of governing compliance bodies. MainNerve consultants are able to tailor audits and reviews to the needs of your specific industry.

Our compliance security experts give executives peace of mind in knowing they've done everything reasonably expected of them to secure their corporate computing assets and ultimately their customers' records.

MainNerve will analyze your entire organization from a technical, operational and strategic perspective to derive holistic and integrated governance efforts that not only ensure compliance but also deliver organizational efficiency and reliability improvements.

Information Security Management System Framework & Workflows



MainNerve ensures organizations meet the security requirements of the following regulations:

  • Sarbanes-Oxley (SOX)
  • Health Information Portability & Accountability Act (HIPAA)
  • Gramm-Leach-Bliley Act (GLBA)
  • PCI DSS (Payment Card Industry Data Security Standard)
  • Federal Information Security Management Act (FISMA)
  • California SB 1386
  • National Energy Reliability Council (NERC) Cyber Security Standards
  • Family Educational Rights and Privacy Act of 1974 (FERPA)
  • EPA Bioterrorism Act

In addition to regulatory and compliance standards, MainNerve can also develop custom policies and procedures for logical security, incident response, business continuity and disaster recovery. We can also work with your organization in creating an Information Security Management System in accordance with ISO 27001 standards. MainNerve can provide the whole risk management package, from master plans to manuals and training.

Key Benefits

  • Team of compliance experts at the disposal of your organization
  • Industry specific experience in healthcare, finance, energy, manufacturing, and education
  • Reporting and documentation that is both detailed and insightful
  • Recommendations based on a realistic analysis of your business on a cost-to-risk basis