Consulting
Louis Street Consulting can provide consulting for the following standards.
ISO 27001
Information Security
ISO 27001 is an international standard for information security management systems (ISMS), providing a systematic approach to managing sensitive company information so that it remains secure and available. It includes requirements for risk assessment and treatment, security policies, and procedures that organizations need to implement to achieve certification. The standard helps businesses identify, manage, and reduce the range of information security risks they face, ensuring the protection of their data and enhancing trust among clients and partners.
CMMC
Information Security for
the Defense Industry
The Cybersecurity Maturity Model Certification (CMMC) is a framework developed by the U.S. Department of Defense (DoD) to enhance the cybersecurity posture of the Defense Industrial Base (DIB). It requires defense contractors to implement cybersecurity standards at progressively advanced levels, depending on the sensitivity of the information they handle. The CMMC framework ensures that contractors protect sensitive unclassified information and comply with DoD cybersecurity requirements in order to secure contracts. .
AICPA SOC 2
SOC 2 (System and Organization Controls 2) is an auditing procedure developed by the American Institute of CPAs (AICPA) to ensure that service providers securely manage data to protect the confidential information of their clients. It evaluates an organization’s controls in up to five key areas: security, availability, processing integrity, confidentiality, and privacy. Achieving SOC 2 compliance provides their customers with assurance that their supplier has implemented effective measures to safeguard data and maintain high standards of information security.
ISO 9001
Quality Management
ISO 9001 is an international standard for quality management systems (QMS) that provides a framework for organizations to ensure consistent quality in their products and services. It focuses on customer satisfaction, continuous improvement, and the effective implementation of a QMS through a process-oriented approach. Achieving ISO 9001 certification demonstrates an organization’s commitment to quality and its ability to meet regulatory and customer requirements.
ISO 27701
Privacy Information Management
ISO 27701 is an extension to the ISO 27001 standard, specifically focused on privacy information management. It provides guidelines for establishing, implementing, maintaining, and continuously improving a Privacy Information Management System (PIMS). This standard helps organizations enhance their information security management system to address privacy and data protection requirements, ensuring compliance with regulations, such as the GDPR.
ISO 22301
Business Continuity Management
ISO 22301 is an international standard for business continuity management systems (BCMS) that helps organizations prepare for, respond to, and recover from disruptive incidents. It provides a framework for identifying potential threats and impacts to business operations, ensuring that critical functions can continue even in the face of unexpected disruptions. Achieving ISO 22301 certification demonstrates an organization's commitment to resilience and its ability to maintain essential services during a disruption.
ISO 27017
Security Techniques for Cloud Services
ISO 27017 is an international standard providing guidelines for information security controls specifically for cloud services. It supplements ISO 27001 by offering additional security control guidance for existing controls found in ISO 27001, as well as introducing additional cloud specific controls. The standard separates the responsibilities for cloud service providers and cloud services customers, allowing for harmonized expectations where both the cloud service supplier and cloud service customer follow this framework. The standard helps secure services hosted in the cloud by ensuring that both the cloud service supplier and customer understand their responsibilities and adhere to industry best practices.