| IT, CYBERSECURITY AND COMPLAINCE | | | |
ES00 | Initial IT and Cybersecurity Consulting and Advisory (1 Hours) | | $200-$300 Hourly | Intake |
ES01 | | | | |
ES02 | PROFESSIONAL SERVCIES | | | |
ES03 | Cybersecurity Compliance and Litigation Support | | | |
ES04 | Data Brach Investigation and Litigation Support | | | |
ES05 | Data Privacy Investigation and Litigation Support | | | |
ES06 | M & A Enterprise Vendors or Partner Investigation Support | | | |
ES07 | eDiscovery Investigation, and Litigation Support | | | |
ES08 | Cyber Crimes Investigation | | | |
ES09 | Subject Matter Experts in Cybercrime Litigation and Support | | | |
ES10 | | | | |
ES11 | SELECT YOUR SCOPE OF WORK (SOW) AND KEY OBJECTIVES | | | |
ES12 | Meeting Key Senior Management- Enterprise Mission Objectives | | | |
ES13 | Meeting Key Business Management- Business Practices | | | |
ES14 | Meeting Key Technology Management- Current Technologies | | | |
ES15 | Meeting Key Security Management- Current Security Controls | | | |
ES16 | Gathering Key Technical Data (Diagram, Data Flow, Policies, Procedures) | | | |
ES17 | Reviewing & Analyzing the Information Across Cyber and Security Best Practices & Frameworks | | | |
ES18 | Reporting Current State and Propose State – Maturity Model & Identify Key Risks | | | |
ES19 | Recommendation of New or Revised Security Controls | | | |
ES20 | Recommendation of New IT & Security Solutions | | | |
ES21 | Any other client-defined objectives, which are not listed in this engagement | | | |
ES22 | High-Level Enterprise Risk Assessment (up to 3 sites) | | | |
ES23 | Enterprise Policy Review & Development | | | |
ES24 | IT Policy to IT Control (GRC) Compliance Framework Development | | | |
ES25 | Security Awareness Program Development | | | |
ES26 | Vendor Security Program Development | | | |
ES27 | Vendor Cloud Security Risk Assessment ( up to five vendors) | | | |
ES28 | Governance, Risk, and Compliance (GRC) Evaluation, Planning and Development | | | |
ES29 | Security Software Development Life Cycle (SSDLC) Program Development | | | |
ES30 | IT Technical Documents Developments (Policy, Process, Procedure, Network Diagram, Data Flow Diagram) | | | |
ES31 | BCP or DR or Incident Response Plan Evaluation, or Testing, or Development | | | |
ES32 | 3rd Party Internal and External Red Team Pen Testing or Vulnerability Assessment | | | |
ES33 | Develop Change Control or Configuration Control Process | | | |
ES34 | One IT Security Technology Solution (Upgrade or Replace) | | | |
ES35 | IT Security Solutions, Products or Solution Evaluation, and Testing | | | |
ES36 | Cybersecurity Vendors Legal Contract Review or Development | | | |
ES37 | Any other client-defined objectives, which are not listed in this engagement | | | |
ES38 | Enterprise Risk Assessment (up to 5 sites) | | | |
ES39 | IT Infrastructure Vulnerability Scanning /or Remediation | | | |
ES40 | Web Application Vulnerability Scanning /or Remediation | | | |
ES41 | IT Security Infra Technology Upgrades or New Integration | | | |
ES42 | Security Awareness Program Development | | | |
ES43 | Vendor Security Program Development | | | |
ES44 | Cloud Vendor Security Risk Assessment ( up to five vendors) | | | |
ES45 | Business Partner Security Risk Assessment ( up to five partners) | | | |
ES46 | Nationwide Enterprise Risk Assessment (up to 5 sites) | | | |
ES47 | Enterprise Risk Register or Risk Calculator or Risk Workshop Development | | | |
ES48 | Global (overseas) Enterprise Risk Assessment (up to 2 sites, subject to add-on expenses for travel, lodging ) | | | |
ES49 | GRDP SOX, PCI-DSS, or HIPAA Compliance Evaluation and Readiness | | | |
ES50 | Take an Interim Role as CIO, CISO, and V.P Cybersecurity IT Staff Augmentation | | | |
ES51 | Take an Interm IT Staff Replacement Role as Sr. Cyber Security Architect, Advisory, IT Manager or Engineer | | | |
ES52 | Interface with External Regulator, Auditors, and Other Authorities on your behalf on the given subject matter | | | |
ES53 | Be a Subject Matter Expert (SMEs) or Cybersecurity Advisory to Support Senior Management and Business | | | |
ES54 | Data Protection (Data Classification, Data Security, Data Flow, or Data Discovery) | | | |
ES55 | Assets Protection ( Asset Inventory, Management, and Security Control Analysis) | | | |
ES56 | Incident Investigation, Data Breach Analysis, and Records Preservation | | | |
ES57 | Cyber Threats Analysis | | | |
ES58 | Compliance Readiness / Analysis | | | |
ES59 | Governance, Risk, and Compliance (GRC) | | | |
ES60 | Enterprise Risk Assessment | | | |
ES61 | Cloud Application Risk Assessment | | | |
ES62 | IT Security Consulting, Audits, and Advisory | | | |
ES63 | 3rd Party External Audits | | | |
ES64 | NIST 800 Series Standards Deployments | | | |
ES65 | ISO 27005 Risk Management Program Development | | | |
ES66 | ISO 27000 IT Governance Program Development | | | |
ES67 | ISO 27001/02 Information Security Policy Program Development | | | |
ES68 | BS25999 Business Continuity Program Development | | | |
ES69 | Fraud Detection and Prevention | | | |
ES70 | Internal Security Risk Assessment Audits | | | |
ES71 | External (3rd party) Security Risk Assessment Audit and Certification | | | |
ES72 | Hacking and Authorized Penetrating Testing and Threats Assessment | | | |
ES73 | Vulnerabilities Risk Assessments - Internet Gateway Firewall / VPN | | | |
ES74 | Vulnerabilities Risk Assessments - Network Security | | | |
ES75 | Vulnerabilities Risk Assessments - Systems and End-Pont Desktops | | | |
ES76 | Vulnerabilities Risk Assessments - Web Applications /Web Services | | | |
ES77 | Vulnerabilities Risk Assessments - Cloud Application | | | |
ES78 | Vulnerabilities Risk Assessments - Cloud Data Securtity | | | |
ES79 | Vulnerabilities Risk Assessments - Data Security | | | |
ES80 | Vulnerabilities Risk Assessments - Vendor / Business Partner | | | |
ES81 | Penetrating Testing (Hacking) - Internet Gateway Firewall / VPN | | | |
ES82 | Penetrating Testing (Hacking) - Network Security | | | |
ES83 | Penetrating Testing (Hacking) - Systems and End-Pont Desktops | | | |
ES84 | Penetrating Testing (Hacking) - Web Applications /Web Services | | | |
ES85 | Penetrating Testing (Hacking) - Cloud Application | | | |
ES86 | Penetrating Testing (Hacking) - Cloud Data Securtity | | | |
ES87 | Penetrating Testing (Hacking) - Data Security | | | |
ES88 | Penetrating Testing (Hacking)- Vendor / Business Partner | | | |
ES89 | Risk Assessment and Mitigation Program Development and Management | | | |
ES90 | Gap Analysis | | | |
ES91 | Data Breach / Hack Incidents Investigation | | | |
ES92 | Control Audit and Analysis | | | |
ES93 | Process Audit and Analysis | | | |
ES94 | Businesses Impact Analysis (BIA) | | | |
ES95 | Data Impact Analysis (DIA) | | | |
ES96 | Privacy Impact Analysis (PIA) | | | |
ES97 | Control Analysis and Evaluation | | | |
ES98 | Development of Policies, Procedures, Standards, and Guidelines Development | | | |
ES99 | BCP/DRP Program Development & Management | | | |
ES100 | Fraud Detection and Prevention Risk Analysis | | | |
ES101 | IT Governance Security Best Practices | | | |
ES102 | IT Security Project Management | | | |
ES103 | IT Staff Augmentation and Technology Support | | | |
ES104 | Security Awareness Program Development | | | |
ES105 | On-Site Security Training and Knowledge Transfer | | | |
ES106 | Ground Zero to Simple or Complex Enterprise Start-Up | | | |
ES107 | IT Solutions Planning, Development, Implementation, Deployment, and Support | | | |
ES108 | Merger & Acquisition (M & A) – Business Partner Technologies Risk Analysis | | | |
ES109 | Security Policy Program | | | |
ES110 | Log Governance Program, | | | |
ES111 | Firewall Policy Governance Program | | | |
ES112 | Privacy Data Impact Program, | | | |
ES113 | Risk Assessment Program | | | |
ES114 | Vulnerability Mitigation Program, | | | |
ES115 | Change Management Program | | | |
ES116 | Business Continuity Planning Program, | | | |
ES117 | Disaster Recovery Program, Secure Software | | | |
ES118 | Development Program, | | | |
ES119 | Computer Security Incident Response Program | | | |
ES120 | Security & Privacy Awareness Program. | | | |
ES121 | Vendor Risk Assessment Program | | | |
ES122 | Black-Chaining Security Program, | | | |
ES123 | Cloud Service Provider Risk Assessment Program | | | |
ES124 | Legal Digital e-Discovery (Investigation Data Hack and Data Breaches) | | | |
ES125 | Legal Cybersecurity Contracting, Data Security, Data Protection | | | |
ES126 | Expert Witness Testimony & Reporting | | | |
ES127 | Service Provider(s) Risk Assessment Program | | | |
ES128 | Business Partners (s) Risk Assessment Program | | | |
ES129 | Cybersecurity / IT Staff Resource Augmentation | | | |
ES130 | Cloud Service Provider Risk Assessment Program | | | |
ES131 | Legal Digital e-Discovery (Investigation Data Hack and Data Breaches) | | | |
ES132 | Legal Cybersecurity Contracting, Data Security, Data Protection | | | |
ES133 | Expert Witness Testimony & Reporting | | | |
ES134 | Service Provider(s) Risk Assessment Program | | | |
ES135 | Business Partners (s) Risk Assessment Program | | | |
ES136 | Cybersecurity / IT Staff Resource Augmentation | | | |
ES137 | Other, Specify) | | | |
ES138 | | | | |
ES139 | | | | |
ES140 | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |