+1-847-245-3727 info@techlockinc.com

Compliance Management

A strong compliance management program can help your organization avoid harmful setbacks and streamline obligations across multiple requirements and standards.

Compliance as Part of Everyday Operations

 

TECH LOCK®  stays connected to help your organization maintain compliance requirements year-round. Enhance your security and compliance with a program that monitors the vital tasks and daily activities for security certifications and regulatory obligations. Keep on top of the requirements and reduce internal audit costs by having one location for tracking necessary operational documentation and related activities.

Incorporate industry best practices

 

TECH LOCK’s comprehensive compliance maintenance program, based on industry best practices {NIST, PCI DSS, ISO 27002, HIPAA and HITrust), provides the checks and balances that are critical for securing your data. This includes required monthly and quarterly tasks as well as ongoing monitoring to help ensure organizational or infrastructure changes don’t negatively impact your security posture.

Compliance Maintenance Checklist

 

TECH LOCK’s service helps organizations track their progress in the fulfillment of their compliance obligations, reminding you to perform:

√ Annual Review/Update Configuration Standards
√ Annual Media Inventory
√ Annual Internal/External Penetration Test
√ Annual Review/Update Security Policies
√ Annual Risk Assessment
√ Annual Security Awareness Training
√ Annual Service Provider Review
√ Annual Incident Response Plan Maintenance
√ Bi-Annual Firewall and Router Configuration Review
√ Monthly Anti-Virus Review
√ Monthly Confirmation of Security Patches
√ Monthly IDS/IPS Review
√ Quarterly Check for CHD Retention Compliance
√ Quarterly Cryptographic Key Check
√ Quarterly User Account Review
√ Quarterly Check for Physical Access Control Data Storage
√ Quarterly Check for Unauthorized Wireless Devices
√ Quarterly Internal Vulnerability Scan
√ Quarterly External ASV Vulnerability Scan
√ Quarterly File Integrity Monitoring Compliance
√ Weekly Vulnerabilities Notifications
√ On Demand Review of Custom Code
√ On Demand Change Control Review
√ On Demand Public-Facing Web Application Review