Some of the areas of service and solutions Trova provides in the Cyber Security/GRC (Governance, Risk, Compliance) Practice include:
Information Security
- Virtual Chief Information Security Officer (vCISO)
- Enterprise Security Roadmap
- Information Security Policies
- Vulnerability Scans
- Penetration Testing
- Vendor Compliance Program Design
- Vendor Risk/Compliance Assessments
- Incident Response Plan Testing
- Incident Response Assistance
- Security, Risk, and Compliance Remediation
Compliance
- Consolidated Control Framework Creation
- PCI Compliance Assessments (and SAQ assistance)
- PCI Compliance Consulting
- PCI Remediation
- HIPAA Risk Assessments
- HIPAA Remediation
- HIPAA Compliance Consulting
- Privacy Law Assessments (including EU GDPR)
- SOX Compliance Consulting
- SOX Remediation
- Various other standards-based assessments (NIST, ISO, COBIT, FISMA, …)
Risk Management
- NIST-based Risk Management Program Design
- Risk Assessments (standards-based, including NIST, HIPAA, ISO, etc.)
- Penetration Testing
- Vulnerability Scans
- Vulnerability Management
- Risk Mitigation/Remediation
Secure Managed Services
- System Administration
- System Hardening
- Policy Enforcement
- Identity and Access Management
- Change Control
- Separation of Duties
- Patch Management
- Endpoint Protection
- Logging and Monitoring
- Event Notification
- Incident Response