Est. 2010
Supporting your team
with their compliance challenges
Brier & Thorns supports your team facing compliance requirements, whether you need to implement a new security standard from scratch or you are looking for support in maintaining your current program.
​
We provide support flexible to your needs, ensuring that we monitor compliance closely and if applicable maintain your standing certification.
IT Risk Assessment
Brier & Thorn performs risk assessments following a proven methodology, which combines elements form best practices such as ISO, NIST and OCTAVE. As experts in complex risk assessments, we will wade through your risk challenges and hep you assess the critical elements
.
Each assessment concludes with a fill risks assessment report, including priorities, recommendations, and a full narrative of our findings. We will present the findings to your team and help guide decision-making that is in-line with Client’s risk profile.
Internal Audit
If you have a standing security program and/or ISMS, our team can support you by performing an internal audit against an array of security standards including but not limited to ISO 27001, PCI DSS, and SOC 2.
​
During the engagement, our team will identify any nonconformities in your Security Program and provide a detailed report of our findings providing guidance on how to resolve the non-conformities.
Gap Analysis
Whether you are looking to expand the compliance of your existing security program or are looking to implement a new security program; Brier & Thorn’s Gap Analysis will help you identify the gaps in your current program and identify the policies, procedures, and controls required to ensure compliance.
​
At the end of the assessment, you will have a clear picture of the steps required to achieve compliance or depending on your goals- external certification.
Implementation of Security Program
Whether you are looking to implement a new security standard or if you are looking to modify your current program to comply with additional standards, our team will support you in implementing the program.
​
During the implementation our team will support you in the following aspects:
​
-
Risk Assessment
-
Creation of Statement of Applicability (if applicable)
-
Policy creation, review, and modification
-
Support in the control implementation
-
Internal Audit
-
Management Review Meeting
-
External Audit Support.
Managed Compliance Services
Our team provides Managed Compliance Services supporting your team for the maintenance of the compliance of your Security Program to industry standards such as ISO 27001, SOC 2, PCI DSS among others.
​
We provide our service according to your needs, whether you need a team to head up the compliance efforts during the year or just additional support for your existing team. Our service includes the following:
​
-
Risk Assessment
-
Policy Review and Creation
-
KPI Monitoring for compliance
-
Internal Audit
-
Annual Management Review Meeting
-
External Audit Support
-
Many more….
Service Highlights
Juggling multiple compliance requirements can be challenging for companies to manage, our compliance services provide additional resources for companies looking to comply with industry standards and contractual requirements.
​
Whether you need a compliance team or have an existing team that needs additional support, Brier & Thorn can help you meet your requirements and objectives for your security program.
Extension of your team
Our team provides additional resources to support your compliance requirements, with experience in multiple standards, we can ensure that your security program is successful and meets its objectives.
Flexible Approach
We know no two companies are alike, our flexible approach to our service allows us to cater to your specific needs and meets your requirements.
Multiple Standards
We understand that companies often have to satisfy multiple standards and contractual requirements- our team has experience in implementing and maintaining complex security programs.