Cloud 101CircleEventsBlog
Register for CSA's AI Summit at RSAC on May 6!

Certified STAR Auditors

Certified STAR Auditors

Certified STAR Auditors

ISO + CSA STAR Certification Auditors

Certified Auditors
Contact Info

Accedere is a global provider of Assurance services for cybersecurity compliance. Accedere is a Colorado CPA firm registered with PCAOB with focus on Cloud Security and Privacy. Accedere helps clients in evaluating the much needed Cyber Governance Maturity as cyber risk is the 3rd biggest risk of doing business today.

Data Security and Privacy are increasing challenges in today’s cloud-based environments. Accedere provides the required expertise, customer experience for Cloud Security Assessments, Audits, Privacy Compliance. SOC1, SOC2, SOC3, reports are our major focus area. Accedere has audited multiple organizations both large and SMB in the cloud space for the past several years and has exceptional capabilities in this space. Accedere helps organizations achieve Level-2 and 3 STAR compliance.

The cloud assurance business is led by Ashwin Chaudhary who is an MBA, CPA and has certifications CCSK, CISSP, CISA, CISM, CRISC, CGEIT, ISO27001LA. For more details on how we can help please contact us [email protected], www.accedere.io.

Data Security and Privacy are increasing challenges in today’s cloud-based environments. Accedere provides the required expertise, customer experience for Cloud Security Assessments, Audits, Privacy Compliance. SOC1, SOC2, SOC3, reports are our major focus area. Accedere has audited multiple organizations both large and SMB in the cloud space for the past several years and has exceptional capabilities in this space. Accedere helps organizations achieve Level-2 and 3 STAR compliance.

The cloud assurance business is led by Ashwin Chaudhary who is an MBA, CPA and has certifications CCSK, CISSP, CISA, CISM, CRISC, CGEIT, ISO27001LA. For more details on how we can help please contact us [email protected], www.accedere.io.

A-LIGN is a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to help mitigate cybersecurity risks. A-LIGN uniquely delivers a single-provider approach as a licensed SOC 1 and SOC 2 Auditor, accredited ISO 27001, ISO 27701 and ISO 22301 Certification Body, HISTRUST CSF Assessor firm, accredited FedRAMP 3PAO, candidate CMMC C3PAO, and PCI Qualified Security Assessor Company. Working with small businesses to global enterprises, A-LIGN experts and its proprietary compliance management platform, A-SCEND, are transforming the compliance experience. https://www.a-lign.com/service/csa-star

A-LIGN HQ
400 N. Ashley Drive, Suite 1325
Tampa, FL 33602
+1.888.702.5446

AssuranceLab is a certified B-Corporation, public accounting firm and certification body founded in 2017 to shape a new and better way for audits. Audits build trust, improve processes, and help grow businesses; however, the traditional approach undermines those benefits with excessive costs, complexity and disruption to your business.

Our new way has been developed over the last four years - working closely with modern cloud companies, developing our award-winning Regtech software, and iterating all elements of how audits can be done resulting in the leading agile, collaborative, and tech-enabled approach our clients love.

We conduct audits to various standards such as: CSA Star level 2, SOC 1, SOC 2, ISO 27001, HIPAA, GDPR, CCPA, ESG.These can be provided individually and packaged together for a more streamlined approach resulting in time, effort and cost savings.

For more details on how we can help, please visit our website at www.assurancelab.com.au or contact us at [email protected]

Baker Newman Noyes is a U.S. Top 100-ranked tax, assurance, and advisory firm entrusted by individuals and leading organizations to deliver effective accounting, advisory, and financial solutions with diligence, vision, and responsive client service. At BNN, complex issues are solved through teamwork, putting our collective experience and expertise to work for you. Recognized as a Best of Accounting award-winner for client satisfaction, we serve clients locally, regionally, and globally from offices in Maine, Massachusetts, and New Hampshire.

BNN’s cybersecurity and compliance related services include attestation for SOC 1 and 2, and Cloud Security Alliance (CSA) STAR. We help clients with Cybersecurity Assessments, Compliance Readiness Assessments (NIST CSF, PCI DSS, ISO 27001, FedRAMP, CMMC, MS DPR, CSA STAR, HIPAA, Maine Insurance Data Security Act, 23 NYCRR 500) as well as Third Party Risk Assessments, Risk Assessments and Internal Audit (as related to ISO 27001, 23 NYCRR 500 and HIPAA/HITECH).

Baker Newman Noyes – Information Systems and Risk Assurance Practice

Portland, ME 04101

280 Fore Street

Phone: 207.879.2100

Email: [email protected]

Website: www.bnncpa.com

BARR Advisory is a cloud-based security and compliance solutions provider specializing in cybersecurity consulting and compliance for companies with high-value information in cloud environments like AWS, Microsoft Azure, and Google Cloud Platform. A trusted advisor to some of the fastest growing cloud-based organizations around the globe, BARR simplifies compliance across multiple regulatory and customer requirements in highly regulated industries including technology, financial services, healthcare, and government.

Learn more at www.barradvisory.com or contact us at [email protected].

BARR Advisory services include:
Compliance Program Assistance
SOC 1 Examinations
SOC 2 and 3 Examinations
SOC for Cybersecurity
PCI DSS Assessment Services
ISO 27001 and 27701 Assessments
FedRAMP Security Assessments
HIPAA/HITECH Services
HITRUST Services
Penetration Testing and Vulnerability Assessments
Virtual CISO Services

BSI Global HQ
389 Chiswick High Road London W4 4AL United Kingdom [email protected] +44 20 8996 9000

BSI Americas
12110 Sunset Hills Road, Suite 200 Reston, VA 20190-5902 [email protected] Telephone: 1.800.862.4977

International offices
BSI has 58 offices serving over 80,000 clients in 150 countries To find the office closest to you visit: http://www.bsigroup.com/

Bureau Veritas is a world leader in testing, inspection and certification. We help clients across all industries address challenges in quality, health & safety, environmental protection, enterprise risk and social responsibility. We support them in increasing performance throughout the life of their assets and products and via continuous improvement in their processes and management systems. Our teams worldwide are driven by a strong purpose: to preserve people, assets and the environment by identifying, preventing, managing and reducing risks. Bureau Veritas has offered management systems certification to our clients since the first such international standard, ISO 9001 for quality, came into being in 1987; with 150,000 active ISO certificates and +8,000 skilled auditors, Bureau Veritas is present in 140 countries with local specialists in 80 countries. Subsequently Bureau Veritas began offering Information security management systems certifications since the early 2000s. Today Bureau Veritas is recognized by over 40 national and international accreditation bodies across the world, Bureau Veritas holds United Kingdom Accreditation Service (UKAS) global accreditations for Cyber Security and Business continuity to standards including ISO 27001, ISO 55001 and ISO 22301.

https://certification.bureauveritas.com/certificat...

Founded in 1957, the China Academy of Information and Communications Technology (hereinafter referred to as CAICT) is a scientific research institute directly under the Ministry of Industry and Information Technology (MIIT) of China. It cherishes the cultural philosophy of "Boosting prosperity with virtues and expertise" for years while adhering to the development position of "a specialized think-tank for the government and an innovation and development platform for the industry". Committed to "the think-tank and enabler for innovation and development in an information society," CAICT has provided strong support for major strategy, plan, policy, test, and certification for the development of the national ICT sector and the IT application, thus proving itself an important facilitator in the leapfrog development and innovation of China's information and communications sector. It has been granted hundreds of scientific and technological awards at both national and provincial levels.

CCIC is a central enterprise approved by the State Council and managed by SASAC. Founded in 1980, it is a comprehensive quality service institution with the main business involving"standards, inspection, testing and certification".

A first-class subsidiary of CCIC, CCIC SHAANXI was reorganized by the former CCIC SHAANXI and CQC Xi'an Branch in November 2007 with the approval of the State Administration for Market Regulation and the Certification and Accreditation Administration Commission of the PRC.

As an internationally recognized certification body, we conduct certification audits for various types of enterprises, with standards for these audits including: ISO 27001, ISO 20000, ISO 27701, ISO 22301, ISO 27017, ISO 27018, ISO 29151, etc.

We uphold the concept of independence, justice and professional innovation, hoping to provide a comprehensive quality service for you and make a sustained effort to create a more reliable world!

As the certification arm of Coalfire, Coalfire Certification provides audit and certification services to public and private sector organizations worldwide.

Coalfire Certification is an accredited certification body per both the ANSI National Accreditation Board (ANAB) and the United Kingdom Accreditation

Service (UKAS), no. 9224. CoalfireCertification.com

ControlCase is a global provider of certification, cyber security and continuous compliance services. ControlCase is committed to empowering organizations to develop and deploy strategic information security and compliance programs that are simplified, cost effective and comprehensive in both on-premise and cloud environments. ControlCase offers certifications and a broad spectrum of cybersecurity services that meet the needs of companies required to certify to PCI DSS, HITRUST, SOC 2 Type II, ISO 27001, PCI PIN, PCI P2PE, PCI TSP, PA DSS, CSA STAR, HIPAA, GDPR, SWIFT and FedRAMP.

www.controlcase.com

ControlCase
USA +1.703.483.6383
Canada +1.416.900.1272
Europe, Middle East and Africa +44.2035145389
India +91.7506610917
Asia Pacific +66-21056164
Website: https://controlcase.com
Email: [email protected]

CPG is Australian owned and a full-scope International Certification and Training Body. They are recognized by JAS-ANZ (Joint Accreditation System – Australia New Zealand), by Singapore Accreditation Council and by APMG International as an Accredited Certification Body, by SANAS (South African National Accreditation System) and by Exemplar Global as an Accredited Training Organisation. CPG certifies small through to large organisations, businesses, hospitals and government departments to both National and International standards, across a wide array of management systems certifications.

With offices in over 30 countries, CPG (formerly International Standards Global) is a full-scope CB, with accreditations from multiple IAF and National Bodies. Programs offered include ISO2700, ISO9000, HACCP, Food Safety, Occupational Health, Disability, and Business Continuity. https://cpg.global

CyberGuard Compliance is a PCAOB registered CPA Firm based in the United States and serving clients around the globe. Our leadership team has over 150 years of combined business management, operations and related information technology (IT) experience. CyberGuard Compliance has performed thousands of SOC audits, and unlike most traditional CPA firms which focus on financial statement auditing and tax compliance,CyberGuard Compliance focuses on Cybersecurity (InfoSEC) and IT security compliance related services.

CyberGuard Compliance, LLP 6720 N. Hualapai Way, Suite 145-306 Las Vegas, Nevada 89149
866-480-3485
Email: [email protected]
Website: https://www.cgcompliance.com/

DHG is a top 20 professional services firm in the United States, offering assurance, tax and advisory services to clients nationwide and internationally. DHG’s Technology Advisory team provides comprehensive cloud assessment and advisory solutions, including cloud transformation consulting to help clients identify and implementation services. Our Tech Compliance team provides CSA-based assessments and audits, and performs SOC 2 examinations that incorporate the CSA Cloud Control Matrix for STAR attestation. DHG’s professionals are passionate about providing an unparalleled client experience as we listen, innovate and act to help our clients.

Driven by our purpose of safeguarding life, property and the environment, DNV GL enables organizations to advance the safety and sustainability of their business. DNV GL is a leading provider of classification, certification, verification and training services. With our origins stretching back to 1864, our reach today is global. Operating in more than 100 countries, our 14,000 professionals are dedicated to helping our customers make the world safer, smarter and greener.

As a world-leading certification body, DNV GL helps businesses assure the performance of their organizations, products, people, facilities and supply chains through certification, verification, assessment, and training services. We also deliver deep insight and pragmatic support to major companies enabling them to build effective sustainability strategies. Partnering with our customers, we build sustainable business performance and create stakeholder trust.

DNV GL HQ
Veritasveien 1 1363
Høvik Norway
Telephone: +47 67 57 99 00

To find the office closest to you visit https://www.dnvgl.com/cn or contact us at [email protected].

EY CertifyPoint HQ
Antonio Vivaldistraat 150 1083 HP Amsterdam The Netherlands [email protected]http://www.ey.com/certifypoint

International offices
Founded in 2002, EY CertifyPoint is an accredited independent and impartial certification institute with experienced auditors all over the world certifying some of the top international organizations. Being related to the global EY organization, EY CertifyPoint is able to provide you with a local contact person in nearly every country world-wide. For more information, please visit http://www.ey.com/certifypoint.

Choose Insight Assurance for unparalleled audit services led by experienced industry experts. Our global presence ensures consistent and reliable support for clients worldwide, employing cutting-edge technologies for efficient and transparent auditing. We prioritize your experience through dedicated teams, customer success managers, and a 24-hour SLA via Slack, embodying a client-centric approach. With a foundation in former Big-4 auditors with over 20 years of industry experience, our Tampa-based global team operates 24/7, serving 600+ clients across 50+ countries. Experience quality, simplicity, and clear communication with Insight Assurance, where over 90% of clients benefit from maximized automation in compliance processes.

Kompleye is a recognized global cybersecurity and compliance organization that offers a one-stop comprehensive solution for multiple cybersecurity models, frameworks, and regulatory compliance.

We have in-depth knowledge and extensive experience in different industries, which will ensure a successful assessment to meet your company’s cybersecurity and compliance posture.

We are uniquely qualified to perform multiframework audits including:

  • AICPA - SOC 1, SOC 2, SOC 3 and other SOC assessments (SSAE-18)
  • ISO 27001 – Information Security Management Systems and
  • ISO 27701 – Information Privacy Management Systems
  • HITRUST
  • FedRAMP
  • CMMC
  • Privacy Compliance (GDPR, CCPA, etc.) and both
  • CSA Star Certification
  • CSA Star Attestation
  • AICPA – Direct Examinations (SSAE-21)

Our management team has more than 30 years of combined experience working for Big 4 firms, and across different industries and companies’ sizes; and we will provide the most efficient attestation approach for your company. For more information please visit: www.kompleye.com or contact us at [email protected].

KPMG Cert GmbH, located in Cologne, Germany, is the accredited certification body of KPMG AG Wirtschaftsprüfungsgesellschaft. We act independently: KPMG Cert does not perform any consulting services related to the design, implementation, internal audit or operations of management systems.

Not only are we active in a wide variety of industries, but we are also familiar with companies of all sizes based on our vast experience in the certification business. Apart from the classic quality and environmental topics, two of our focus areas are risk management topics and information security management systems.

LBMC is a leader in IT Security, helping mid-market and Fortune 500 clients assess their cybersecurity, reduce risk, and protect their sensitive data. With such heavy regulatory and public scrutiny of security and privacy practices, our experienced IT compliance and audit specialists guide you through the maze of regulations. Our team is uniquely qualified to conduct assessments against almost every cybersecurity framework that exists and simplify the process with our “Audit Once, Report Many” approach. LBMC IT assurance services include ACAB LADMF, FISMA, ISO 27001, SOX/COSO/COBIT, CMMC, HITRUST, PCI DSS, SOC, NIST 800-171, NIST 800-53, and CSA STAR assessments. For more information, visit www.LBMCInformationSecurity.com

When information security systems are not properly managed and maintained, organisations run the risk of sustaining serious financial and reputational losses. Ensuring your organisation has the right controls in place to reduce the risk of serious data security threats and avoid any system weaknesses from being exploited is crucial.

LRQA has been at the forefront of standards development and involved in Information Security Management System (ISMS) assessment for many years. Our high-profile clients in the finance, telecoms, software, internet, consultancy, justice and government sectors trust LRQA to deliver high quality, consistent and impartial assessments with the full back-up of a highly dedicated support package.

Our assessors are experts qualified in information security and other aspects of IT, whose objective view will give you confidence in your own security measures as judged against best industry practice.

For more information on our wide range of services, or to make an inquiry, visit https://www.lrqa.com/en-us/csa-star/certification-services/https://www.lrqa.com/en-us/csa-star/certification-services/

Marcum RAS, LLC is a national advisory and certification services firm dedicated to helping entrepreneurial, middle-market companies achieve their goals. Understanding our clients’ businesses, helping them identify their needs and meet their challenges, and uncovering opportunities that propel them towards success is our mission. Marcum is committed to providing the most thorough, insightful, and expeditious service, according to the highest ethical standards.

Our consulting and audit professionals are seasoned, trained service consultants. Our advisory team has Big 4 and high-profile consulting experience, and all team members have at least one industry-accepted certification, including CPA, CISA, CISSP, CCSFP, GWAPT, GPEN, and QSA, and/or a Master’s degree in finance or accounting.

The leaders in of risk advisory practice bring more than 100 years of combined public accounting experience, industry knowledge and a long history working with small private firms up to Fortune 500 clients on information technology and compliance initiatives. Our risk advisory team focuses on the delivery of high quality ISO 27001, ISO 27701, PCI DSS, SOC 1/2/3 reporting, and HITRUST certifications.

Moss Adams is a fully integrated professional services firm dedicated to growing, managing, and protecting prosperity. With over 4,400 professionals across more than 30 locations in the market capitals of the West and beyond, we work with the world’s most innovative, dynamic, and promising clients and markets. Through a full spectrum of accounting, consulting, and wealth management services, we bring the deep industry specialization and inspired thinking our clients seek. Since we put down roots in the Pacific Northwest more than 100 years ago, we’ve steadily expanded to serve clients not only in the West, but also across the nation and globally. Our full range of services includes accounting (assurance and tax), consulting (cybersecurity, strategy & operations, transactions, and specialty), as well as individual and institutional wealth management.

Moss Adams is one of the 15 largest US accounting and consulting firms and a founding member of Praxity, a global alliance of independent accounting firms providing clients with local expertise in the major markets of North America, South America, Europe, and Asia.

MSECB helps companies of any industry show their commitment to success by providing them with valuable and up-to-date evaluation and certification services against internationally recognized standards. We enable companies to follow the best practices and gain maximum advantage from their systems in this ever-evolving world of business.

As an international accredited certification body, we have conducted thousands of certification audits in more than 70 countries for SMEs and large enterprises against standards such as: ISO/IEC 27001, ISO/IEC 27701, ISO 22301, ISO 37001, ISO 9001, ISO 14001, etc.

Our happy clientele have chosen us for our expertise, quick and excellent service, the quality and professionalism of our auditors, and above all, for the outstanding customer experience that we offer. How do we accomplish this? We handle each client’s request with the utmost care and ensure certification with appropriate audit methods in a timely manner.

Visit our website to learn more about us and our services: https://msecb.com/

MSECB HQ
1555 boul de l'Avenir, Bureau 306, Laval, Quebec H7S 2N5, Canada
[email protected]

Nixu Corporation is a cybersecurity company. We work to improve our clients’ cybersecurity in solution areas of Corporate IT, Digital Business and Industrial Internet. Our clients trust Nixu in projects where developing, implementing or assessing of information security is a must. We ensure the confidentiality of our clients' data, business continuity and ease-of-access to digital services through planning and mitigation of cybersecurity risks.

CONTACT INFORMATION:
Phone number: +358 9 478 1011
E-mail: [email protected]

Blog: http://www.nixu.com/blog
Twitter: @nixutigerteam

NSF International is an independent, global organization that protects human health by facilitating the development of public health and safety standards, and providing certification and testing services.

Our cybersecurity audit services can help you leverage best practices to reduce organizational risk, improve business performance, successfully address customer expectations and meet or exceed corporate and organizational objectives.

PKF Antares is a dynamic audit and consulting firm which provides a wide range of professional services including but not limited to CSA STAR Level 2 attestation, SOC 1, 2, and 3, Cybersecurity – strategy, security, prudence, & resilience, ESG, SOX/CSOX, Internal audit, financial audit, etc. Our firm is based out of Calgary, Canada with offices in Red Deer and Toronto. We are connected to 220 firms within the PKF global network with a shared commitment to quality, integrity, and the value creation in a complex regulatory environment. We can provide you with world-class, value adding solutions in IT compliance, Assurance, Advisory, Taxation and Business Services anywhere in the world. Our clients including CAS STAR Level 2 and SOC are from across Canada, USA, and South America. All our professionals at management level have years of experience with “Big 4” professional accounting and advisory firms. As a firm with diverse workforce, we can communicate with you in many different languages i.e., English, Russian, Punjabi, Chinese…

Our firm adopted the Internal Standard on Quality Management (ISQM 1 and 2). All our engagements are under an independent monitoring program to ensure compliance with ISQM standards and quality assurance requirements. As a client, you are guaranteed to receive the highest quality and services from PKF Antares.

Prescient Security is a CREST certified global top 20 cyber security company that provides high-quality, expedited, and affordable security services to enterprise and SAAS clients globally. We offer Google designated OAuth, Microsoft SSPA, SOC 2, ISO 27001, PCI QSA, GDPR, HIPAA, CCPA,FERPA, FISMA, GLBA CSA STAR and other security and privacy certifications and penetration testing services.

We are based in New York City but provide services on global time zones. We are a 10-year-old reputable, high-quality, and affordable audit firm.

For more information, please reach out to [email protected] or call +1 646 209 7319 for a quote today.

PricewaterhouseCoopers Certification BV (hereafter: PwCC), part of the worldwide PwC network is a legal entity accredited for verification and certification services globally. PwCC is focused on building digital trust, by providing certification services for (Cloud) information security management (ISO27000 series and CSA STAR), business continuity (ISO22301), quality management (ISO9001) and information technology service management (ISO20000).

PwCC is committed to delivering our certification engagements to the highest quality standards. As such, PwCC is accredited to issue ISO27001, ISO9001and ISO22301 certificates by the Dutch accreditation body ‘Raad voor Accreditatie’. Our certification engagements are conducted according to the ISO17021-1 standard for certification of management systems, a standardised approach used by all accredited certification bodies. The actual overview of standards PwCC is accredited for can be found on the website of the ‘Raad voor Accreditatie’.

Organizations in a business-to-business environment are increasingly subject to requirements from customers, regulators and other stakeholders to demonstrate that information security, quality control and business continuity is up to standard from both a management system and controls perspective. PwCC is one of the few organisations that is capable of leveraging synergies resulting from overlaps between attestation frameworks (e.g. SOC1, SOC2, IRAP, HIPAA, GBLA, BSI C5, FDA, GXP, TISAX), management systems and different territories.

QRC stands as a preeminent global entity in the realm of certification, cyber security, and privacy compliance services. As a distinguished international certification institute, QRC excels in delivering Auditing and Certification services of global acclaim across a myriad of Governance, Risk, and Compliance (GRC) frameworks.

Our services are meticulously tailored to ensure the alignment of organizational information technology with business objectives, effectively manage risks, adhere to pertinent regulations, and assist organizations in achieving their aspirations with reliability, reduced uncertainty, and compliance adherence.

QRC prides itself on being a technology-driven security and compliance ally, garnering trust from over 500 global entities to counteract cybersecurity threats. Our unique service model offers a consolidated provider approach as a licensed entity, extending certifications and a comprehensive range of cybersecurity and privacy compliance and assessment services.

We provide Assessment & Certification services for various frameworks like:

Payment Card Industry Audit and Certification like PCI DSS, PCI 3DS, PCI SLC, PCI SSF, PCI PIN, PCI P2PE etc.,

ISO Certifications like ISO 27001, ISO 27701, ISO 9001, ISO 27017, ISO 27018

Licenced CPA firm to Perform SOC 1 and SOC 2 (SSAE Attestations)

Recognized SWIFT CSCF Assessment Provider

CSA STAR Certification

Security Assessments (Vulnerabilities Assessments and Penetration Testing) Services

The QRC auditing team of more than 50+ auditors possess the experience in wide range of business scopes of industrial and business sectors and offers its customers compliance assessments and certification services internationally GDPR, HIPAA, CCPA among others.

QSCert, spol. s r.o.
E. P. Voljanského 1, 960 01 Zvolen
https://maps.google.com/?q=E.+P.+Voljansk%C3%A9ho+1,+960+01+Zvolen&entry=gmail&source=g
Tel: 045 - 54 00 717
Tel/Fax: 045 - 54 00 718
Phone number: 0905 - 977 200
E-mail: [email protected]

QSCert® is an international Certification Body based in Prague (Czech Republic). Its core business is certification of management systems according to several international standards. QSCert® has established the net of branch offices all over the world. QSCert® is accredited by the Czech Accreditation Institute. QSCert® differs from other certification bodies mainly by pragmatic approach to an audit without emphasis on bureaucracy. A quality management system which QSCert® requires from its clients is established also in QSCert®. QSCert® audit gives added value to the client not only by examining the compliance with the standard requirements but also by suggesting opportunities for improvement of the management system. QSCert auditors are people who worked as quality managers or consultants in the past – they are able to understand certification audits from the auditee point of view. It enables them to conduct audits in correct and pragmatic way.

RINA is a multinational company that helps clients build strong, successful businesses. Through a global network of over 5.300 talented professionals, operating out of 200 offices in 70 countries, we support market operators across the entire lifecycle of their projects, whilst assisting them in renewing their products, technologies and services. RINA provides a wide range of services across Energy&Mobility, Marine, Certification, Infrastructure & Real Estate and Industry sectors and is a member of key international organizations and an important contributor to the development of new legislative standards.

Schellman Compliance LLC HQ 4010 W Boy Scout Boulevard, Suite 600 Tampa, FL 33607 Telephone: 1.866.254.0000 Outside of the United States, please dial: +1.973.854.4684

We are setting the pace and blazing new trails. We are the only company in the world capable of providing our clients the rare opportunity to achieve multiple compliance objectives through a single independent assessor — using experienced teams dedicated to delivering the highest quality.

For more information visit www.schellman.com

Securisea CB is one of only a handful of audit firms in the world certified to provide CSA STAR, ISO27001 and 27701, SOC2, SOC1, PCI DSS, FedRamp/StateRAMP 3PAO, HITRUST & HIPAA assessments all under one roof.

Our integrated compliance approach allows us to leverage our client’s existing security controls from other frameworks directly into each engagement, reducing overhead and work duplication. As experts in a wide variety of security control frameworks, we can provide a comprehensive solution for all of your security assessments.

Top Tier Expertise, Excellent Customer Experience

For over 18 years our team has been helping clients of all sizes focus on their core business, helping to address their compliance needs with little to no impact to their engineering schedules and time to market. You’ll work with an experienced team of consultants that understand what you need because we’ve been there, with extensive corporate security experience as well as exceptional credentialing expertise. We personalize our services for your unique timing and requirements, with a comprehensive approach that operates inside and outside the network perimeter, through application and network layers, and across cloud-based and hybrid online environments.

We’ll be by your side throughout the entire process, resulting in a best-in-class customer experience.

Consulting Services

In addition to formal assurance services, Securisea CB’s parent company provides consulting services span the entire security landscape, including but not limited to:

●Penetration testing

●Compliance whitepapers

●Security architecture

●Web application security

●Secure code reviews

●Training

●Secure software development lifecycle

●Security policy development

●Reverse engineering

●Risk assessments/risk management

●Cryptography

To learn more about the companies that rely on Securisea, Inc. for their critical assessments and consulting needs, visit http://www.securisea.com.

Contact Information

POC: Josh Daymont
E-mail: [email protected]
Founded: 2006
Address: 2501 Chatham Rd Suite 4573 Springfield, IL 62704
Phone: 877-563-4230

Shenzhen National FinTech Evaluation Center Co.,Ltd (NFEC) is a leading evaluation provider in China’s financial industry with the approval of People’s Bank of China. NFEC focuses on Fintech services including but not limited to security testing & evaluation, technology certification, FinTech solution & consultation.

NFEC serves China’s major banks, financial organizations, high-tech enterprises, third-party payment companies, etc. NFEC’s services aim at the regulatory compliance of Fintech innovation and synergy of Finance and cutting-edge technologies such as artificial intelligence, big data, cloud computing and blockchain.

SGS HQ
1 Place des Alpes P.O. Box 2152 Geneva, 1211 Switzerland

SGS Taiwan (East Asia HQ)
4F, No.125, Wu Kung Road, New Taipei Industrial District, New Taipei City, 24886 Taiwan (R.O.C.)

International offices
SGS has 1,400 offices serving over 120,000 clients certification services in 150 countries. To find the office closest to you visit: http://www.sgs.com/

TÜV SÜD America is a premium quality, safety, and sustainability solutions provider that specializes in testing, inspection, auditing, certification, training, and knowledge services. Since 1866, the company has remained committed to its founding principle of protecting people, property and the environment from technology-related risks. TÜV SÜD America’s US is headquartered in Wakefield, Massachusetts. TÜV SÜD has locations worldwide.

SOC 2 + CSA STAR Attestation Auditors

Certified Auditors
Contact Info

360 Advanced is “Making Better Businesses” through their national Cybersecurity and Compliance offerings. Services provided include CSA STAR, SOC 1, SOC 2, SOC 3, SOC for Cybersecurity, HIPAA/HITECH, ISO 27001, PCI-DSS, HITRUST CSF, Microsoft SSPA Attestation, Penetration Testing, GDPR, CCPA and more. In certain states, 360 Advanced may operate under the name of Hiestand, Brand, Loughran, P.A. to meet AICPA requirements. To learn more about 360 Advanced, visit www.360advanced.com

For more information on compliance solutions, contact Brad Lyons at [email protected].

Accedere is a global provider of Assurance services for cybersecurity compliance. Accedere is a Colorado CPA firm registered with PCAOB with focus on Cloud Security and Privacy. Accedere helps clients in evaluating the much needed Cyber Governance Maturity as cyber risk is the 3rd biggest risk of doing business today.

Data Security and Privacy are increasing challenges in today’s cloud-based environments. Accedere provides the required expertise, customer experience for Cloud Security Assessments, Audits, Privacy Compliance. SOC1, SOC2, SOC3, reports are our major focus area. Accedere has audited multiple organizations both large and SMB in the cloud space for the past several years and has exceptional capabilities in this space. Accedere helps organizations achieve Level-2 and 3 STAR compliance.

The cloud assurance business is led by Ashwin Chaudhary who is an MBA, CPA and has certifications CCSK, CISSP, CISA, CISM, CRISC, CGEIT, ISO27001LA. For more details on how we can help please contact us [email protected], www.accedere.io.

Data Security and Privacy are increasing challenges in today’s cloud-based environments. Accedere provides the required expertise, customer experience for Cloud Security Assessments, Audits, Privacy Compliance. SOC1, SOC2, SOC3, reports are our major focus area. Accedere has audited multiple organizations both large and SMB in the cloud space for the past several years and has exceptional capabilities in this space. Accedere helps organizations achieve Level-2 and 3 STAR compliance.

The cloud assurance business is led by Ashwin Chaudhary who is an MBA, CPA and has certifications CCSK, CISSP, CISA, CISM, CRISC, CGEIT, ISO27001LA. For more details on how we can help please contact us [email protected], www.accedere.io.

A-LIGN is a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to help mitigate cybersecurity risks. A-LIGN uniquely delivers a single-provider approach as a licensed SOC 1 and SOC 2 Auditor, accredited ISO 27001, ISO 27701 and ISO 22301 Certification Body, HISTRUST CSF Assessor firm, accredited FedRAMP 3PAO, candidate CMMC C3PAO, and PCI Qualified Security Assessor Company. Working with small businesses to global enterprises, A-LIGN experts and its proprietary compliance management platform, A-SCEND, are transforming the compliance experience. https://www.a-lign.com/service/csa-star

A-LIGN HQ
400 N. Ashley Drive, Suite 1325
Tampa, FL 33602
+1.888.702.5446

AssuranceLab is a certified B-Corporation, public accounting firm and certification body founded in 2017 to shape a new and better way for audits. Audits build trust, improve processes, and help grow businesses; however, the traditional approach undermines those benefits with excessive costs, complexity and disruption to your business.

Our new way has been developed over the last four years - working closely with modern cloud companies, developing our award-winning Regtech software, and iterating all elements of how audits can be done resulting in the leading agile, collaborative, and tech-enabled approach our clients love.

We conduct audits to various standards such as: CSA Star level 2, SOC 1, SOC 2, ISO 27001, HIPAA, GDPR, CCPA, ESG.These can be provided individually and packaged together for a more streamlined approach resulting in time, effort and cost savings.

For more details on how we can help, please visit our website at www.assurancelab.com.au or contact us at [email protected]

Attinkom LLC is a Licensed CPA and PCAOB registered firm with offices in United States and India. We specialize in providing cybersecurity and IT security compliance services to clients globally. Our expertise, experience, and skills make us uniquely positioned to serve the emerging needs of our clients as they evolve.

Guided by our motto – ‘We verify your trust’, Attinkom’s objective is to be the best in everything we do, turning our experience and industry knowledge into value for our clients. We tailor our audit approach to the needs and characteristics of each client and invest time to get acquainted with each client’s business, processes, and systems.

Our core competency lies in conducting assessments based on industry-leading frameworks such as SOC 1, SOC 2, SOC 3, ISAE 3000, ISAE 3402, CSA Star Attestation, HIPAA, and GDPR, empowering organizations to navigate the complexities of regulatory compliance with confidence and efficiency.

Attinkom LLC
1201 N Orange Street Suite # 7424
Wilmington Delaware 19801-1186

Contact
Website: www.attinkom.com
Email: [email protected]
Phone: +1 (302)-691-9076

Baker Newman Noyes is a U.S. Top 100-ranked tax, assurance, and advisory firm entrusted by individuals and leading organizations to deliver effective accounting, advisory, and financial solutions with diligence, vision, and responsive client service. At BNN, complex issues are solved through teamwork, putting our collective experience and expertise to work for you. Recognized as a Best of Accounting award-winner for client satisfaction, we serve clients locally, regionally, and globally from offices in Maine, Massachusetts, and New Hampshire.

BNN’s cybersecurity and compliance related services include attestation for SOC 1 and 2, and Cloud Security Alliance (CSA) STAR. We help clients with Cybersecurity Assessments, Compliance Readiness Assessments (NIST CSF, PCI DSS, ISO 27001, FedRAMP, CMMC, MS DPR, CSA STAR, HIPAA, Maine Insurance Data Security Act, 23 NYCRR 500) as well as Third Party Risk Assessments, Risk Assessments and Internal Audit (as related to ISO 27001, 23 NYCRR 500 and HIPAA/HITECH).

Baker Newman Noyes – Information Systems and Risk Assurance Practice

Portland, ME 04101

280 Fore Street

Phone: 207.879.2100

Email: [email protected]

Website: www.bnncpa.com

BARR Advisory is a cloud-based security and compliance solutions provider specializing in cybersecurity consulting and compliance for companies with high-value information in cloud environments like AWS, Microsoft Azure, and Google Cloud Platform. A trusted advisor to some of the fastest growing cloud-based organizations around the globe, BARR simplifies compliance across multiple regulatory and customer requirements in highly regulated industries including technology, financial services, healthcare, and government.

Learn more at www.barradvisory.com or contact us at [email protected].

BARR Advisory services include:
Compliance Program Assistance
SOC 1 Examinations
SOC 2 and 3 Examinations
SOC for Cybersecurity
PCI DSS Assessment Services
ISO 27001 and 27701 Assessments
FedRAMP Security Assessments
HIPAA/HITECH Services
HITRUST Services
Penetration Testing and Vulnerability Assessments
Virtual CISO Services

CAS Assurance, LLC is a CPA firm based in Miramar, Florida, assisting entities with their taxes and accounting, attestation, compliance, and cybersecurity governance needs. With services designed to meet the specific and unique needs of each client, our team of experienced and resourceful consultants provide better insights for better solutions and results. Our services are aimed at helping clients to improve operational efficiency, cybersecurity risks governance, accountability, and privacy regulatory compliance posture to facilitate an overall healthy, secure, compliant, and thriving organization.

CAS Assurance, LLC cybersecurity and compliance related services include attestation for SOC 1 and 2, SOC for Supply Chain, and Cloud Security Alliance (CSA) STAR. We assist clients with audit readiness assessment and gap remediation, including developing or enhancing requisite security policies and procedures for leading standards, frameworks, and regulations such as NIST SP800-53, CSF, ISO27001, ISO27017, CCM, PCI-DSS, HIPAA, CMMC, SWIFT CSC, CCPA, and GDPR. Our consulting services also include helping clients to implement a SaaS solution from our partner for continuous monitoring, maintenance, and maturation of organization cybersecurity and compliance efforts.

https://www.casassurance.com/

Coalfire is the trusted leader in cybersecurity risk management and compliance services. Coalfire integrates advisory and technical assessments and recommendations to the corporate directors, executives, boards, and IT organizations for global brands and organizations in the technology, cloud, healthcare, retail, payments, and financial industries. Coalfire's approach addresses each businesses' specific vulnerability challenges, developing a long-term strategy to prevent security breaches and data theft. Coalfire provides advisory and assessment services for cyber security and compliance in DoD SRG, FISMA/FedRAMP, HIPAA/HITRUST, PCI DSS, PCI PA-DSS, ISO 27001, SOC and technical testing services such as penetration testing, social engineering and forensics. Coalfire has offices throughout the United States and Europe.

CyberGuard Compliance is a PCAOB registered CPA Firm based in the United States and serving clients around the globe. Our leadership team has over 150 years of combined business management, operations and related information technology (IT) experience. CyberGuard Compliance has performed thousands of SOC audits, and unlike most traditional CPA firms which focus on financial statement auditing and tax compliance,CyberGuard Compliance focuses on Cybersecurity (InfoSEC) and IT security compliance related services.

CyberGuard Compliance, LLP 6720 N. Hualapai Way, Suite 145-306 Las Vegas, Nevada 89149
866-480-3485
Email: [email protected]
Website: https://www.cgcompliance.com/

Deloitte provides attest-related services to a broad cross-section of the largest corporations and governmental agencies. Deloitte’s independent assessments of an organization’s control procedures establish whether existing controls/processes meet management objectives and demonstrate controls to customers and their auditors through reporting and integrated requirements.

Our Third-Party Assurance services value by helping clients with:

Reporting and audit requirements: SOC 1, SOC 2, SOC 2+ with CSA Cloud Controls Matrix, and SOC 3 reports (based on AICPA and ISAE guidance); Custody Rule; agreed-upon procedures (AUP); and other attest reports. Deloitte also offers a full suite of FISMA, CMMC and FedRAMP readiness and 3PAO certification services.

To learn more about how Deloitte’s Third-Party Assurance services can help your organization, contact us.

DHG is a top 20 professional services firm in the United States, offering assurance, tax and advisory services to clients nationwide and internationally. DHG’s Technology Advisory team provides comprehensive cloud assessment and advisory solutions, including cloud transformation consulting to help clients identify and implementation services. Our Tech Compliance team provides CSA-based assessments and audits, and performs SOC 2 examinations that incorporate the CSA Cloud Control Matrix for STAR attestation. DHG’s professionals are passionate about providing an unparalleled client experience as we listen, innovate and act to help our clients.

EY CertifyPoint HQ
Antonio Vivaldistraat 150 1083 HP Amsterdam The Netherlands [email protected]http://www.ey.com/certifypoint

International offices
Founded in 2002, EY CertifyPoint is an accredited independent and impartial certification institute with experienced auditors all over the world certifying some of the top international organizations. Being related to the global EY organization, EY CertifyPoint is able to provide you with a local contact person in nearly every country world-wide. For more information, please visit http://www.ey.com/certifypoint.

Grant Thornton LLP (Grant Thornton) is the U.S. member firm of Grant Thornton International Ltd, one of the world’s leading organizations of independent audit, tax and advisory firms. Grant Thornton has revenues of $1.92 billion and operates more than 50 offices. We’re not the professional services firm you think you know. We believe business should be more personal and that the strongest results start with trust. We’re different. And that’s a good thing.

iExperts is a leading audit consultancy services company, deliver it’s world class service for elite customers in UK, EU, ME and USA. with high level of quality and professionalism.
With +20 years of experience in Information Security and GRC services, iExperts is driven by a relentless commitment to surpassing customer satisfaction, achieving world-class quality, and delivering excellence in every facet of the professional services.

Website:

www.iexperts.co

Choose Insight Assurance for unparalleled audit services led by experienced industry experts. Our global presence ensures consistent and reliable support for clients worldwide, employing cutting-edge technologies for efficient and transparent auditing. We prioritize your experience through dedicated teams, customer success managers, and a 24-hour SLA via Slack, embodying a client-centric approach. With a foundation in former Big-4 auditors with over 20 years of industry experience, our Tampa-based global team operates 24/7, serving 600+ clients across 50+ countries. Experience quality, simplicity, and clear communication with Insight Assurance, where over 90% of clients benefit from maximized automation in compliance processes.

KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over a thousand clients in North America, South America, Asia, Europe, and Australia. The firm has more than a decade of experience in information security by performing assessments, audits, and tests that strengthen information security practices and internal controls. KirkpatrickPrice most commonly performs assessments on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and FERPA frameworks, as well as advanced-level penetration testing. For more information, visit www.kirkpatrickprice.com, connect with KirkpatrickPrice on LinkedIn, or subscribe to our YouTube channel.

Kompleye is a recognized global cybersecurity and compliance organization that offers a one-stop comprehensive solution for multiple cybersecurity models, frameworks, and regulatory compliance.

We have in-depth knowledge and extensive experience in different industries, which will ensure a successful assessment to meet your company’s cybersecurity and compliance posture.

We are uniquely qualified to perform multiframework audits including:

  • AICPA - SOC 1, SOC 2, SOC 3 and other SOC assessments (SSAE-18)
  • ISO 27001 – Information Security Management Systems and
  • ISO 27701 – Information Privacy Management Systems
  • HITRUST
  • FedRAMP
  • CMMC
  • Privacy Compliance (GDPR, CCPA, etc.) and both
  • CSA Star Certification
  • CSA Star Attestation
  • AICPA – Direct Examinations (SSAE-21)

Our management team has more than 30 years of combined experience working for Big 4 firms, and across different industries and companies’ sizes; and we will provide the most efficient attestation approach for your company. For more information please visit: www.kompleye.com or contact us at [email protected].

KPMG provide independent, jargon free advice and advanced technology capabilities to help our clients proactively manage their technology risks and use their data to its full potential.

Cloud services provided based on CSA best practices:

  • Cloud Security Strategy
  • Cloud Security Architecture
  • Cloud Supplier Assessment and Due Diligence


LBMC is a leader in IT Security, helping mid-market and Fortune 500 clients assess their cybersecurity, reduce risk, and protect their sensitive data. With such heavy regulatory and public scrutiny of security and privacy practices, our experienced IT compliance and audit specialists guide you through the maze of regulations. Our team is uniquely qualified to conduct assessments against almost every cybersecurity framework that exists and simplify the process with our “Audit Once, Report Many” approach. LBMC IT assurance services include ACAB LADMF, FISMA, ISO 27001, SOX/COSO/COBIT, CMMC, HITRUST, PCI DSS, SOC, NIST 800-171, NIST 800-53, and CSA STAR assessments. For more information, visit www.LBMCInformationSecurity.com

Marcum LLP is a national accounting and advisory services firm dedicated to helping entrepreneurial, middle-market companies achieve their goals. Understanding our clients’ businesses, helping them identify their needs and meet their challenges, and uncovering opportunities that propel them towards success is our mission. Marcum is committed to providing the most thorough, insightful, and expeditious service, according to the highest ethical standards.

Our consulting and audit professionals are seasoned, trained service consultants. Our advisory team has Big 4 and high-profile consulting experience, and all team members have at least one industry-accepted certification, including CPA, CISA, CISSP, CCSFP, GWAPT, GPEN, and QSA, and/or a Master’s degree in finance or accounting.

The leaders in of risk advisory practice bring more than 100 years of combined public accounting experience, industry knowledge and a long history working with small private firms up to Fortune 500 clients on information technology and compliance initiatives. Our risk advisory team focuses on the delivery of high quality ISO 27001, ISO 27701, PCI DSS, SOC 1/2/3 reporting, and HITRUST certifications.

Moss Adams is a fully integrated professional services firm dedicated to growing, managing, and protecting prosperity. With over 4,400 professionals across more than 30 locations in the market capitals of the West and beyond, we work with the world’s most innovative, dynamic, and promising clients and markets. Through a full spectrum of accounting, consulting, and wealth management services, we bring the deep industry specialization and inspired thinking our clients seek. Since we put down roots in the Pacific Northwest more than 100 years ago, we’ve steadily expanded to serve clients not only in the West, but also across the nation and globally. Our full range of services includes accounting (assurance and tax), consulting (cybersecurity, strategy & operations, transactions, and specialty), as well as individual and institutional wealth management.

Moss Adams is one of the 15 largest US accounting and consulting firms and a founding member of Praxity, a global alliance of independent accounting firms providing clients with local expertise in the major markets of North America, South America, Europe, and Asia.

PKF Antares is a dynamic audit and consulting firm which provides a wide range of professional services including but not limited to CSA STAR Level 2 attestation, SOC 1, 2, and 3, Cybersecurity – strategy, security, prudence, & resilience, ESG, SOX/CSOX, Internal audit, financial audit, etc. Our firm is based out of Calgary, Canada with offices in Red Deer and Toronto. We are connected to 220 firms within the PKF global network with a shared commitment to quality, integrity, and the value creation in a complex regulatory environment. We can provide you with world-class, value adding solutions in IT compliance, Assurance, Advisory, Taxation and Business Services anywhere in the world. Our clients including CAS STAR Level 2 and SOC are from across Canada, USA, and South America. All our professionals at management level have years of experience with “Big 4” professional accounting and advisory firms. As a firm with diverse workforce, we can communicate with you in many different languages i.e., English, Russian, Punjabi, Chinese…

Our firm adopted the Internal Standard on Quality Management (ISQM 1 and 2). All our engagements are under an independent monitoring program to ensure compliance with ISQM standards and quality assurance requirements. As a client, you are guaranteed to receive the highest quality and services from PKF Antares.

Prescient Assurance is a Certified Public Accounting (CPA) firm licensed in the US and Canada with strong Cyber Security and Cloud Computing expertise. We are based in New York City but provide services to global clients. We are a 10-year-old reputable, high-quality, and affordable audit firm.

Prescient Assurance is a Leader in Compliance and Security Certifications for B2B SAAS companies. We have helped hundreds of small to mid-sized businesses and provide them SOC 1, SOC 2- Type 1 and Type 2 Audit, SOC 2 for Privacy, SOC 3, SOC for Cyber, SOC for Supply Chain, HIPAA/HITECH Attestation, GDPR Attestation, the US Drug Supply Chain Safety Act (DSCSA), the US 21st Century Cures (CURES) Act attestation, PCI ASV, PCI QSA, NIST CSF, SOC 2 + CSA STAR Level 2 third party attestation. We do help you with audit or mock exams on Technology Risk Assessment, FFIEC CAT, CMMC, NYDFS, Cyber Maturity Assessment CMMI, and M&A due diligence.

We work with large financial services, healthcare, and hi-tech enterprise as well as small businesses.

For more information, please reach out to [email protected] or call +1 646 209 7319 for a quote today.

PricewaterhouseCoopers Certification BV (hereafter: PwCC), part of the worldwide PwC network is a legal entity accredited for verification and certification services globally. PwCC is focused on building digital trust, by providing certification services for (Cloud) information security management (ISO27000 series and CSA STAR), business continuity (ISO22301), quality management (ISO9001) and information technology service management (ISO20000).

PwCC is committed to delivering our certification engagements to the highest quality standards. As such, PwCC is accredited to issue ISO27001, ISO9001and ISO22301 certificates by the Dutch accreditation body ‘Raad voor Accreditatie’. Our certification engagements are conducted according to the ISO17021-1 standard for certification of management systems, a standardised approach used by all accredited certification bodies. The actual overview of standards PwCC is accredited for can be found on the website of the ‘Raad voor Accreditatie’.

Organizations in a business-to-business environment are increasingly subject to requirements from customers, regulators and other stakeholders to demonstrate that information security, quality control and business continuity is up to standard from both a management system and controls perspective. PwCC is one of the few organisations that is capable of leveraging synergies resulting from overlaps between attestation frameworks (e.g. SOC1, SOC2, IRAP, HIPAA, GBLA, BSI C5, FDA, GXP, TISAX), management systems and different territories.

QRC stands as a preeminent global entity in the realm of certification, cyber security, and privacy compliance services. As a distinguished international certification institute, QRC excels in delivering Auditing and Certification services of global acclaim across a myriad of Governance, Risk, and Compliance (GRC) frameworks.

Our services are meticulously tailored to ensure the alignment of organizational information technology with business objectives, effectively manage risks, adhere to pertinent regulations, and assist organizations in achieving their aspirations with reliability, reduced uncertainty, and compliance adherence.

QRC prides itself on being a technology-driven security and compliance ally, garnering trust from over 500 global entities to counteract cybersecurity threats. Our unique service model offers a consolidated provider approach as a licensed entity, extending certifications and a comprehensive range of cybersecurity and privacy compliance and assessment services.

We provide Assessment & Certification services for various frameworks like:

Payment Card Industry Audit and Certification like PCI DSS, PCI 3DS, PCI SLC, PCI SSF, PCI PIN, PCI P2PE etc.,

ISO Certifications like ISO 27001, ISO 27701, ISO 9001, ISO 27017, ISO 27018

Licenced CPA firm to Perform SOC 1 and SOC 2 (SSAE Attestations)

Recognized SWIFT CSCF Assessment Provider

CSA STAR Certification

Security Assessments (Vulnerabilities Assessments and Penetration Testing) Services

The QRC auditing team of more than 50+ auditors possess the experience in wide range of business scopes of industrial and business sectors and offers its customers compliance assessments and certification services internationally GDPR, HIPAA, CCPA among others.

Richey May's risk management and audit expertise goes beyond traditional services; our insights, innovation, and market intelligence, powered by professionals joining us from the industries we serve, enable our clients to achieve more through full-service, custom-designed, strategic, and cost-effective audit programs. With deep expertise in challenging markets, our professionals have industry-leading certifications and unparalleled knowledge. Our deliverables are designed to create sustainable change, making risk management not an expense, but a strategic investment in smart growth. Richey May has been a trusted name in financial services and other regulated industries for almost four decades. Our commitment to excellence has not gone unnoticed, being named a Top 100 Firm by Inside Public Accounting and Accounting Today in 2022 and 2023. In addition, Richey May Advisory received recognition as a Mortgage Tech 100 and Mortgage Tech Trendsetter by Housing Wire, and the firm won the prestigious Excellence in Firm Culture award from Inside Public Accounting.

Schellman & Company, LLC HQ
4010 W Boy Scout Boulevard, Suite 600
Tampa, FL 33607
Telephone: 1.866.254.0000 Outside of the United States, please dial: +1.973.854.4684

We are setting the pace and blazing new trails. We are the only company in the world capable of providing our clients the rare opportunity to achieve multiple compliance objectives through a single independent assessor — using experienced teams dedicated to delivering the highest quality.

For more information visit www.schellman.com

Securisea is one of only a handful of audit firms in the world certified to provide CSA STAR, ISO27001 and 27701, SOC2, SOC1, PCI DSS, FedRamp/StateRAMP 3PAO, HITRUST & HIPAA assessments all under one roof.

Our integrated compliance approach allows us to leverage our client’s existing security controls from other frameworks directly into each engagement, reducing overhead and work duplication. As experts in a wide variety of security control frameworks, we can provide a comprehensive solution for all of your security assessments.

Top Tier Expertise, Excellent Customer Experience

For over 18 years our team has been helping clients of all sizes focus on their core business, helping to address their compliance needs with little to no impact to their engineering schedules and time to market. You’ll work with an experienced team of consultants that understand what you need because we’ve been there, with extensive corporate security experience as well as exceptional credentialing expertise. We personalize our services for your unique timing and requirements, with a comprehensive approach that operates inside and outside the network perimeter, through application and network layers, and across cloud-based and hybrid online environments.

We’ll be by your side throughout the entire process, resulting in a best-in-class customer experience.

Consulting Services

In addition to formal assurance services, Securisea parent company provides consulting services span the entire security landscape, including but not limited to:

●Penetration testing

●Compliance whitepapers

●Security architecture

●Web application security

●Secure code reviews

●Training

●Secure software development lifecycle

●Security policy development

●Reverse engineering

●Risk assessments/risk management

●Cryptography

To learn more about the companies that rely on Securisea, Inc. for their critical assessments and consulting needs, visit http://www.securisea.com.

Contact Information

POC: Josh Daymont
E-mail: [email protected]
Founded: 2006
Address: 2501 Chatham Rd Suite 4573 Springfield, IL 62704
Phone: 877-563-4230

Weaver is a CSA Global Consultancy Program partner with broad experience in the Cloud Service Provider space from Fortune 50 global providers that offer everything under the sun to smaller niche SaaS providers. Whether you provide bare metal infrastructure, container orchestration, server-less architecture, content delivery, or software as a service we can help. Our experience has given us the unique ability to quickly take technical concepts and architectures and help providers discern where they are and where they need to be in the ever growing world of governance, risk management, compliance (GRC), and security.

As a full service CPA firm, we can draw on experience across industries and regulatory environments to offer you a more holistic approach to assist you in building trust and assurance with your customers and stakeholders. Whether you’re seeking Third Party Assurance for your customers (STAR, SOC1, SOC2, PCI, HIPAA, ISO27001), Continuous Monitoring and other security or IT assessments for internal reporting (NIST CSF, DHS CRR, COSO, COBIT, CMMC) or accounting, tax and financial reporting services (SOX, FFIEC) for your investors, shareholders and other stakeholders, Weaver can help.

With more than 3,000 associates and 84,000 clients, Wipfli ranks as one of the top 20 accounting and advisory firms in the nation. Wipfli helps its clients craft innovative strategies and transform digitally to achieve financial and operational efficiencies and drive growth. Learn more at wipfli.com.

Certified Auditors for CSA C-STAR Assessment

Certified Auditors
Contact Info

CEPREI HQ No.110 Dongguan Zhuang RD. Guangzhou, P.R.China Telephone: +86-20-87236606 [email protected] As a leading provider of management system certification body in China and the first Executive Member of CSA in Asia, CEPREI Certification Body Provides information security related professional services such as ISO20000 & ISO27001 certification, risk assessment, IT governance, Business Continuity Management etc. Also, newly launched C-STAR assessment scheme is provided to help our client fully understand cloud security issues they’re facing and how to put the appropriate controls in place. CEPREI Certification Body with unique legal status is a registrar authorized and accredited by national department and/or accreditation bodies home and abroad, to conduct third-party certification. It grew out of Inspection Division of China Electronic Product Reliability and Environmental Research Institute (the Fifth Electronic Institute) established in 1956, which is the first scientific research organization at national level engaged in product quality and reliability research in China. As early as 1979, CEPREI Certification Body introduced the concept of Certification into China. Ever since then CEPREI has issued more than ten thousand certificates of various types to its clients. It sets foot in all administrative regions in mainland China and other countries and regions including Hongkong Special Administration Region, Taiwan, USA, German, Holland, Denmark, Australia, Japan, Korea, Malaysia, Thailand and Singapore. As one of the most authoritative accreditation bodies in the world, America National Standard Institute-Registrar Accreditation Board (ANAB) has authorized CEPREI Certification Body to issue ISO9000, ISO14000 and ISO27001 certificates with ANAB logo since 2001. The certificate will be helpful for your products and services in improving reputation and enhancing competitiveness home and abroad.