Service Descriptions

 

Professional Services are tailored to the needs of the Client. A Client may request program remediation support to address assessment findings. Clients may also request support to establish a process, with transition to internal personnel. Virtual CSO may be used as staff augmentation, to maintain the right balance between Capex and Opex.

Business Continuity Services

Most businesses have been significantly impacted by COVID-19. When the dust settles, it makes sense to take a fresh look at business continuity to prevent reoccurence.

Business Continuity Assessment: Evaluates an existing business continuity program to identify areas for improvement. Deliverables include an assessment report and a slide deck presented to executive leadership.

Business Continuity Program: Consultant will collaborate with Client personnel to design, implement and test a Business Continuity (BC) Program. Deliverables include BC strategy, BC policy, Business Impact Analysis (BIA), BC & incident management plans and a BC exercise.

Click here for a complete list of service offerings.

FMEA Process Risk Evaluation

Failure mode and effects analysis (FMEA) is widely used by corporations, manufacturing firms and the U.S. military to evaluate processes or systems. This service provides an overview of FEMA and leads client personnel through critical evaluation of a critical process. Potential failures are prioritized by impact severity, probability of occurrence and likelihood of detection. FMEA risk ratings and narrative rationale can be used to quantify exposure to management and to facilitate remediation.

Click here for a complete list of service offerings.

Security Operations Center (SOC) Assessment

Evaluates SOC processes, technology and controls to identify areas for improvement. Areas of focus include:
  • Data Input
  • Security Information and Event Management (SIEM)
  • Processing and Correlation
  • Data Protection
  • Common Alerts
  • SOC Operations
  • Analysis
  • Cyber Threat Intelligence
  • Threat Hunting
  • Incident Response
Reference a visualization of the end-to-end SOC process at this link.

Deliverables include an assessment report and a slide deck presented to executive leadership.

Click here for a complete list of service offerings.

Third Party Risk Management Program

Establishes an end-to-end process for evaluating and managing third parties from a cybersecurity perspective (identify, risk rank, assess, risk treatment, monitor and oversight & escalations). Includes options based on risk tolerance and available funding.

Click here for a complete list of service offerings.

Fees and Payment

Professional Services are billed at a flat hourly rate, not including travel expenses. A minimum number of hours are purchased on retainer. Services are billed monthly.

Next Steps

Each engagement is customized to meet the needs of the client. The first step in the process is to have a conference call. We work together on a list of bulleted requirements. Virtual CSO responds with a Statement of Work.

This service offering description provides an overview for informational purposes only. The Statement of Work and the Master Services Agreement are the official documents for each Professional Services engagement.