Ensure Total Information Security and Compliance 2017-11-07T09:35:18+00:00

Information Security and Compliance
Scan your vital systems and stop problems before they start

Independent, Unbiased, Technically-Qualified Security Assessments

Our Information Security & Compliance practice (formerly 403 Labs) is dedicated to assisting our clients with information security consulting, fraud management, risk mitigation and vulnerability detection and prevention. We have the privilege of working with leading payment card, financial, restaurant, hospitality, health care and educational organizations from around the world.

Our team has the extensive knowledge and experience to help you improve your unique security posture, specializing in compliance audits, penetration tests, computer security assessments and computer forensic investigations. We handle anything having to do with security or protecting data, including credit card data (PCI DSS), patient data (HIPAA), bank account numbers (GLBA), service provider reviews (SOC 1/2/3) or intellectual property.

We Make Compliance as Painless as Possible.

Achieving compliance with industry standards doesn’t have to be as difficult as it seems. Regardless of the standard, Sikich guides you through compliance validation processes quickly and smoothly to help get your organization in compliance and back to your core competency—running your business.

Our validation process is easy, and scalable for any size environment.  If you need to comply with multiple industry requirements, you can leverage our experience and efficiencies by combining your requirements into a single assessment.

If you’ve never undergone a compliance assessment before, we can help you prepare for your first one. If you’re a veteran to your industry requirements, you’ll benefit from our unique approach. Compliance isn’t a once-a-year process; we’re your partner and here for you when you need us.

Contact Us Today

We’re certified in the following areas

PCI DSS

Organizations that store, process or transmit payment card data, such as merchants and service providers, need to comply with the Payment Card Industry Data Security Standard (PCI DSS) to protect cardholder data (CHD).

PCI P2PE

Payment application vendors and service providers can take advantage of the PCI point-to-point encryption (P2PE) framework to develop solutions that reduce merchant handling of payment card data.

PCI PA-DSS

Payment application vendors need to validate against the requirements of the PCI Payment Application Data Security Standard (PA-DSS), which supports merchant compliance with the PCI DSS.

GLBA

Financial institutions are required by law to comply with the Gramm-Leach-Bliley Act (GLBA) and maintain proper security controls to protect consumer financial privacy.

HIPAA/HITECH

Health care institutions are required by law to protect the privacy of protected health information (PHI) in accordance with the Health Insurance Portability and Accountability Act (HIPAA).

SSAE 16 (SAS 70)

Outsourced service providers that touch another organization’s data undergo a Statement on Standards for Attestation Engagements No. 16 (SSAE 16) to demonstrate how client data is safeguarded.

Information Security Partners

private equity services construction accountants Agriculture Services Construction Services Non-Profit Services Government Services