July 2023
| -
PCI Compliance for AWS
Learn about the 12 requirements in the PCI Data Security Standard and how they relate to the AWS environment. Special focus will be placed on determining the scope of your cardholder data environment and developing your game plan for PCI audit readiness.
| -
Security Policies for SOC 2 Compliance
What policies and procedures are required for SOC 2 compliance? If it’s not documented, it didn’t happen! Our specialists will guide you into making sure your policies are ready for your SOC 2 audit.
| -
Risk Assessment for SOC 2 Compliance
Your risk assessment is the source of determining your controls and preparing for a SOC 2 audit. Our specialists will guide you into making sure you're ready for your SOC 2 audit.
| -
Security Policies for Cloud Compliance
Do your policies still reflect your ‘old’ environment and not address the robust capabilities of your cloud technologies? Develop the policies you need to keep your assets secure in the cloud and guide best practices for your engineers, DevOps, and IT team members.
| -
Effective Strategies for Risk Assessment
The best strategy is to get started! Don't overthink a process that can actually be fun and valuable for your company's success. Learn how to complete your assessment in a way that best suits your organizational culture.
| -
Effective Monitoring Strategies for AWS
Discover best practices for logging and monitoring security events in your environment. Learn how to determine if you are logging what needs to be logged and how to improve your alert and response strategy. Come away with a checklist to evaluate your environment.
| -
ISO 27001 Information Security Management System
earn how an ISMS is more than the security policy and prepare for your ISO 27001 certification journey. You’ll come away with the start of your ISMS, statement of applicability, and risk treatment plan. This workshop is led by a certified ISO 27001 Lead Auditor. 9-11am CDT.
| -
Internet Security AWS Benchmarks
Learn why the benchmarks exist and how to improve your security and compliance through implementation. Discuss the ins and outs of configuration standards to address some of the common concerns resulting from hardened environments.
| -
ISO 27005 Risk Assessments
Learn why the worldwide standard is the methodology employed by thousands of organizations. You'll come away with the start of your risk assessment, statement of applicability, and risk treatment plan. This workshop is led by a certified ISO 27001 Lead Auditor.
| -
SOC 2 Compliance for AWS
Get ready to prove your control effectiveness through this informative workshop focusing on the AICPA Trust Services Criteria. Gain valuable insight to apply the SOC 2 criteria to your applications and the AWS platform. Shorten the timeframe for completing your audit.
| -
NIST 800-30 Risk Assessments
Preparing for FedRAMP, CMMC, or some other federally-mandated compliance program? NIST 800-30 is the methodology you'll want to use to identify your assets, determine impact level, and design a control implementation strategy. The workshop will provide you with the examples and documentation to begin your journey.
| -
System Security Plans for NIST and CMMC
Preparing for FedRAMP, CMMC, or some other federally-mandated compliance program? An SSP (System Security Plan) is a requirement. This workshop will provide you with the examples and documentation to prepare you for SSP success.
| -
Completing a HIPAA Risk Analysis
If you store, process, or transmit protected healthcare information (PHI), then it is a requirement to complete a risk analysis. Learn about the requirements of the HIPAA Security and Privacy Rules in § 164.308(a)(1)(ii)(A) of the regulation. Come away with the start of your analysis.
| -
PCI Compliance for AWS
Learn about the 12 requirements in the PCI Data Security Standard and how they relate to the AWS environment. Special focus will be placed on determining the scope of your cardholder data environment and developing your game plan for PCI audit readiness.
| -
HIPAA Policies
If you store, process, or transmit protected healthcare information (PHI), then it is a requirement to implement policies and procedures to prevent, detect, contain, and correct security violations § 164.308(a). Learn about the requirements of the HIPAA Security and Privacy Rules and get your documentation compliant!
| -
Effective Monitoring Strategies for AWS
Discover best practices for logging and monitoring security events in your environment. Learn how to determine if you are logging what needs to be logged and how to improve your alert and response strategy. Come away with a checklist to evaluate your environment.
| -
Security Policies for SOC 2 Compliance
What policies and procedures are required for SOC 2 compliance? If it’s not documented, it didn’t happen! Our specialists will guide you into making sure your policies are ready for your SOC 2 audit.
| -
Risk Assessment for SOC 2 Compliance
Your risk assessment is the source of determining your controls and preparing for a SOC 2 audit. Our specialists will guide you into making sure you're ready for your SOC 2 audit.
| -
ISO 27001 Information Security Management System
Learn how an ISMS is more than the security policy and prepare for your ISO 27001 certification journey. You’ll come away with the start of your ISMS, statement of applicability, and risk treatment plan. This workshop is led by a certified ISO 27001 Lead Auditor.
| -
SOC 2 Compliance for AWS
Get ready to prove your control effectiveness through this informative workshop focusing on the AICPA Trust Services Criteria. Gain valuable insight to apply the SOC 2 criteria to your applications and the AWS platform. Shorten the timeframe for completing your audit.
| -
Effective Strategies for Risk Assessment
The best strategy is to get started! Don't overthink a process that can actually be fun and valuable for your company's success. Learn how to complete your assessment in a way that best suits your organizational culture.
| -
Internet Security AWS Benchmarks
Learn why the benchmarks exist and how to improve your security and compliance through implementation. Discuss the ins and outs of configuration standards to address some of the common concerns resulting from hardened environments.
| -
ISO 27005 Risk Assessments
Learn why the worldwide standard is the methodology employed by thousands of organizations. You'll come away with the start of your risk assessment, statement of applicability, and risk treatment plan. This workshop is led by a certified ISO 27001 Lead Auditor.
| -
System Security Plans for NIST and CMMC
Preparing for FedRAMP, CMMC, or some other federally-mandated compliance program? An SSP (System Security Plan) is a requirement. This workshop will provide you with the examples and documentation to prepare you for SSP success.
Your tools are fantastic. Extremely easy to use. It provides visibility to what is complete and what is not.– Security Compliance Architect, Cisco
KirkpatrickPrice’s tools are a huge benefit, market differentiator, and certainly made my team’s life much easier to manage the volumes of audit documentation than without it. Saved me hours.– CISO, OwnBackup
Every time I leave an engagement with the KirkpatrickPrice team, I leave enlightened and it helps our organization mature towards the point we know we should be.– CISO and VP of Cloud Operations, Health Catalyst
I was happy with the risk assessment service. We appreciate that you worked with our difficult and sometimes shifting schedule.– Holland & Knight
Working with the KirkpatrickPrice auditors not only helped us validate the robustness of our architecture, but also gave us a framework to set up processes that our organization needed in order to mature.– Founder and CEO, AODocs
KirkpatrickPrice has made the audit process more efficient with the tools and partnership mentality that they bring to the table.– Director of Security, Compliance, and Technology, Connectria Hosting
Expertise is one of the best things we’ve gotten out of working with KirkpatrickPrice. Their auditors have been helpful in navigating through the audit and beyond. They’ve made themselves available as resources to assess the impact of changes to our controls and infrastructure.– Security and Compliance Manager, CBOSS
This kind of consulting is the value-add that we continue to find so rewarding and supportive, in everyone that we encounter at KirkpatrickPrice!– President, Net Friends
Your videos are riveting.– Director of Engineering, Sapient