Risk & Compliance
Security and risk are not the same thing. We measure where you sit in the risk space, then walk you through the frameworks — certification and beyond.
Risk Assessment
There are fundamental differences between security and risk. We deliver a comprehensive risk assessment and valuation, including what your risk rating means compared to other companies in your market vertical.
PCI-DSS Assessments
We guide you through the complex process of PCI-DSS certification, getting you and your company ready for QSA compliance certification.
ISO 27000 / 27001
We guide you through the maze of requirements to achieve ISO 27000 and 27001 certification. GrayHat Assessments has been a leader in helping companies achieve ISO certification.
GDPR
More than a few checkbox items. GDPR has very specific requirements — and penalties that cause real financial impact if not properly vetted and remediated.
HIPAA
HIPAA places stringent requirements on the protection of patient records and leaves little to chance. We provide assessments, recommendations, and remediation plans that align your organization with the regulations.
DPA (Philippines)
The Data Privacy Act of 2012 is a complex and challenging law. We have a strong track record assisting, training, and bringing companies into compliance with this difficult act.
Compliant — and able to prove it.
We get you through certification, then keep you there.