KLC Security Services

By: KLC Consulting, 06-Dec-2011
Keywords: Security, Information Security, Audit Services

KLC Consulting - Your Compass in the Midst of Chaos!

KLC makes every effort to help our clients stay one step ahead of the game in security by providing advanced security technology and processes, and assistance in mitigating the risk associated with corporate resources and data. By balancing business needs with security technology, we enable our clients to make clear, informed decisions regarding the protection of their valuable resources and reputation.

KLC offers complete and customized solutions based on the KLC Security Methodology and industry standard guidelines and principles.

Our mission: Help our customers Build, Defend, Analyze, and Counter Attack (if required) in Cyber Security

  • Conduct fixed-cost third-party service provider security risk assessments based on the ISO 27002 security standard.

  • Provide our customers with an understanding of the interdependency risks they share with their vendors.

  • Assist third-party service providers in filling out client security questionnaires, and provide strategies for navigating client assessments / audits.

Description

KLC's Qualification

KLC Consulting has over 20 years of Information Security and IT Audit services experience. We also created the first network address changer for Windows, with over 1.5 million users. Our mission is to enable federal and state government and Fortune 1000 companies to secure their IT environment and reduce risk. Our experience covers different industries, including government, defense, financial services, retail and aerospace.

KLC Consulting also contributes to leading security projects, including the Cloud Security Alliance's Cloud Security Control Matrix for ISO 27001 and NIST 800-53 / FedRAMP. We have security professionals with DoD security clearance. We also have DoD 8570.01-M certified Security, IT Audit, and Privacy professionals, including:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA)
  • Certified Secure Software Lifecycle Professional (CSSLP)
  • Certified Information Privacy Professionals (CIPP, CIPP/G)
  • Certified ISO 27001 Lead Auditor
  • Cisco Certified Network Professionals (CCNP)
  • Juniper Certified Professionals
  • Security+
  • A+

Services Description

  • Perform Independent Verification and Validation (IV&V)
  • Help federal government agencies or contractors assess the current state of information security controls based on FISMA or DIACAP
  • Help financial institutions, health care organizations and other firms assess information security controls based on security regulations and standards (NIST 800-53, FFIEC, PCI, HIPAA, GLBA) and industry standards (ISO 27001 / 27002)
  • Conduct Cloud Security Assessments
  • Provide expert guidance to remediate findings / issues
  • Evaluate, design and implement a sustainable solution to assess and manage supplier and vendor security risks
  • Network Infrastructure, Application Security, Cloud Computing
  • Set up Intrusion Detection, Intrusion Prevention and log analysis for situational awareness, and counter-attack systems
  • Research and Development for Custom Cyber Security Applications
  • Prepare the DIACAP and FISMA Package for Certification and Accreditation (C&A)
  • Assist with the C&A process and obtaining Authorization to Operate (ATO)

Assess

Our certified IT Auditors help federal and state government, and financial and banking institutions, perform compliance assessments and address issues in the following areas:

  • DIACAP
  • FISMA
  • NIST 800 Series (800-53, 800-37, 800-34 and more)
  • Privacy Impact Analysis (PIA)
  • Sarbanes-Oxley (SOX)
  • Gramm-Leach-Bliley Act (GLBA)
  • Financial Regulations (FDIC, OCC, OTS, NCUA, FFIEC)
  • Payment Card Industry (PCI) Security Standard
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Pharmaceutical / FDA (21 CFR Part 11)
  • Massachusetts State Data Security Privacy Regulations (201 CMR 17)

ISO Advisory

Interim Full-time / Part-time CISO Services:

  • Design and build an Information Security Program
  • Design and implement Information Security Policy
  • Create Information Security Standards and Guidelines
  • Information Security Awareness Training
  • Regulatory Compliance Enforcement
  • Incident Response Planning and Coordination
  • Risk Assessment and Incident Prevention
  • Disaster Recovery Process planning and implementation

Keywords: Audit Services, Certified Information Systems, Information Security, IT Audit Services, Security, Security and IT, Security Technology