Professional Services

 
Professional Services are tailored to the needs of the Client. A Client may request program remediation support to address assessment findings. Clients may also request support to establish a process, with transition to internal personnel. Virtual CSO may be used as staff augmentation, to maintain the right balance between Capex and Opex.

Examples of Professional Services include policy development, process design and creation of documentation such as an incident response plan.

Establish Programs
Cybersecurity Third Party Risk Management Incident Response Application Security
Risk Management Metrics Vulnerability Management Insider Threat
Conduct Assessments
Application Security (DevSecOps) Vendors and Service Providers Cybersecurity Program Ransomware
Business Process Risk Incident Response Line of Business Risk FMEA Process Risk
Security Operations Center (SOC) Fraud Prevention Insider Threat Security Awareness Program
Mergers and Acquisitions Infrastructure Security Zero Trust Security Model Threat Landscape and Controls
Cyber Exercise Program Penetration Test Program Cybersecurity Function Agile Security Testing
Prepare For
Third Party Assessment The Company to go Public Assessment by a Regulator Assessment by an Aquiring Company
Develop
Roadmap / Multi-Generational Plan Annual Program Goals Metrics, KPIs and KRIs GRC Business Requirements Document
Vulnerability Management Plan Process Diagrams Internal Control Framework Cloud Security Strategy
Risk Management Strategy Risk Scenario Inventory Incident Response Plan Risk Register Process
Security Management Plan Communications Plan Crisis Communications Workforce Development Plan
Conduct Training
Incident Response Security Awareness Cybersecurity Assessments Third Party Risk Management
Metrics, KPIs and KRIs Cybersecurity Risk Management Fraud Prevention Risk Register Process
Career Advice: Cybersecurity Professionals Career Advice: Cybersecurity Leaders Program Maturity Executive Coaching
Present To
Executives Regulators Board of Directors The CISO
Create Program Documentation
Security Policies Program Overview Deck Procedures Manuals Mission Vision Statement
SWOT Analysis Plan of Action and Milestones Threat Landscape Advisories Risk Tolerance Statement
Security Contract Addendum Program Welcome Packet Security Awareness Newsletter Control Deployment Risk Model
Writing Services
Cybersecurity Article - Ghost Writer Cybersecurity Article Cybersecurity Article with Promotion

Professional Services will also provide guidance such as interpretations of security standards and advising IT personnel on how to address a security control.

Fees and Payment

Professional Services are billed at an hourly rate, not including travel expenses. A minimum of 100 hours is required within the Statement of Work. Additional hours may be purchased via a change request. Services are billed monthly.

Next Steps

Each engagement is customized to meet the needs of the client. The first step in the process is to have a conference call. We work together on a list of bulleted requirements. Virtual CSO responds with a Statement of Work.

This service offering description provides an overview for informational purposes only. The Statement of Work and the Master Services Agreement are the official documents for each Professional Services engagement.