1. SWALSH, LLC
Security & Privacy Compliance Management
Charting Your Path Through Security & Privacy Audits
Headquartered in the San Francisco Bay Area, Swalsh, LLC provides guidance
and strategies to help you manage Information Security and Privacy programs
and audits.
From gap analysis, to the definition and implementation of policies and
procedures through project management and on-site assistance during audits,
our experienced and creative CISSP-certified staff will help you smoothly
navigate compliance requirements for SOC1, SOC2 Types I & II and SOC3, PCI-
DSS, HIPAA, FISMA/FedRAMP, ISO27001 and other security and privacy audits
with solutions that are appropriate for your specific business.
Copyright Swalsh, LLC 2016
Policy Definition
and Documentation
Employee Training
and Awareness
On-Going Security
Programs
Audit Guidance and
Management
www.SwalshLLC.com
2. SWALSH, LLC
Compliance Management Services
SERVICES
At Swalsh, LLC, we provide our customers high quality services personalized for
their unique needs, including:
Policy Definition and Documentation
Many companies have the best of intentions in considering security as they build their
business, but finding the time to document and communicate policy decisions and
security best practices is not always practical. Defining, documenting and
implementing the policies that meet both compliance requirements as well as your
unique business needs is the cornerstone to a successful Security and Privacy
program. Let us help you understand and document what's necessary in order to
comply with the requirements applicable to your environment and business practices.
On-Going Security Program Management
Once policies and procedures are defined, on-going governance of those policies can
slip through the cracks only to cause problems during an audit. Our staff can help you
ensure daily, weekly, monthly, annual and ad-hoc tasks are performed on time,
documented, and produce the expected results to ensure a smooth audit.
Gap Analysis
Prior to any audit, it’s crucial to understand to what extent your business complies with
the standards to which your business is required. Our team can help you identify gaps,
document compensating controls as well as prioritize and manage the projects that
should be completed prior to an audit.
On-Site Auditor Management
The auditing process can be time-consuming and frustrating, creating repeated
interruptions for your team that reduce their productivity. Auditors require detailed
information that is sometimes repetitive, difficult to understand or produce. Our
experience working with auditors specifically in the context of information security and
privacy related reviews equips us with the ability to buffer your teams from
unnecessary interruptions while providing auditors with the evidence they require.
Copyright Swalsh, LLC 2016
Policy Definition
and Documentation
Employee Training
and Awareness
On-Going Security
Programs
Audit Guidance and
Management
www.SwalshLLC.com
3. SWALSH, LLC
Compliance Management Services
SPECIALIZATIONS
Our staff is CISSP certified, with experience in successful projects
related to the following:
SOC1, SOC2 Type I, SOC2 Type II and SOC3
PCI-DSS
FISMA/FedRAMP
ISO27001
SSAE-16
HIPAA/HITECH
GAPP
Employee Security & Privacy Awareness Training Programs
Risk Assessments, Including Policies, Procedures and
Reports
Gap Analysis
Information Security Policy Definition, Procedures
Definition, and Management of Recurring Tasks
Security & Privacy Policy Definition, Procedures Definition
and Management of Recurring Tasks
Security and Privacy of Biometric Data
Business Continuity and Disaster Recovery Programs
(Definition, Training, Testing and Maintenance)
Incident Response Programs (Definition, Training, and
Implementation)
Preparation and Guidance Through Security & Privacy
Audits By Third Party Auditors
Copyright Swalsh, LLC 2016
Policy Definition
and Documentation
Employee Training
and Awareness
On-Going Security
Programs
Audit Guidance and
Management
www.SwalshLLC.com
