Cloud 101CircleEventsBlog
Get 50% off the Cloud Infrastructure Security training bundle with code 'unlock50advantage'

Certified STAR Auditors

Certified STAR Auditors

Certified STAR Auditors

ISO + CSA STAR Certification Auditors

Certified Auditors
Contact Info

Accedere is an end-to-end Cybersecurity Audit/Assessment and Managed Security Services (MSSP) firm. As a Colorado CPA firm registered with PCAOB, and CSA, we specialize in Cloud Security and Privacy, helping clients navigate the evolving risks in today’s digital landscape. With cyber risk now the 3rd biggest risk in business, we provide deep expertise in evaluating Cyber Governance Maturity to safeguard your data. As CSA STAR auditors, we engage with CSP’s towards achieving CSA STAR compliance.

Our GRC automation tool Controllo is AI-powered and designed to streamline cyber compliance with frameworks like SOC 2, ISO 27001 (ISMS), and ISO 27701 (PIMS) & CSA’s CCM. Controllo helps manage risks across Assets, Organizational Risks, and Vendor Risks, leveraging NIST CSF 2.0 for comprehensive risk management.

We offer compliance audits focusing on SOC 1, SOC 2, and SOC 3 reports and as an ISO/IEC Certification Body for ISMS, PIMS, BCMS,SMS and AIMS (Artificial Intelligence) along with CSA STAR Audits.

From our India-based Security Operations Center (24x7 CSOC), we provide AI-driven monitoring and threat detection, powered by Microsoft Sentinel. Our real-time alerts on intrusions and Indicators of Compromise (IOCs) are supported by advanced assessments like Penetration Testing, Breach and Attack Simulation, and Configuration Reviews.

With years of experience auditing both large enterprises and SMBs, we bring exceptional capabilities and over 22 years of experience in Cyber, Cloud Security Assessments and Audits. Our business is led by Ashwin Chaudhary, an MBA, CPA, and certified expert with credentials including CCSK, CISSP, CISA, CISM, CEGIT,CRISC,CDPSE, and more.

For more information on how Accedere can protect your business, contact us at [email protected] or visit www.accedere.io

A-LIGN is a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to help mitigate cybersecurity risks. A-LIGN uniquely delivers a single-provider approach as a licensed SOC 1 and SOC 2 Auditor, accredited ISO 27001, ISO 27701 and ISO 22301 Certification Body, HISTRUST CSF Assessor firm, accredited FedRAMP 3PAO, candidate CMMC C3PAO, and PCI Qualified Security Assessor Company. Working with small businesses to global enterprises, A-LIGN experts and its proprietary compliance management platform, A-SCEND, are transforming the compliance experience. https://www.a-lign.com/service/csa-star

A-LIGN HQ
400 N. Ashley Drive, Suite 1325
Tampa, FL 33602
+1.888.702.5446

Armanino is a top 20 accounting and consulting firm focused on delivering a depth of knowledge, a range of services and a consistent and responsive team. Within Armanino’s Trust practice is a dedicated team focused on delivering security and compliance attestations and certifications. Armanino looks to customize and tailor security and compliance solutions to meet the needs to clients where they are and for future growth. We work with small business through to global enterprises to deliver a unique technology enabled solution for SOC 1, SOC 2, and SOC 3 attestations, HITRUST CSF Assessor Firm, CSA Star Attestation and PCI Qualified Security Assessor Company.

BARR Certifications, the certifying body of BARR Advisory, is an accredited, independent certification provider offering audit and certification services for ISO/IEC 27001 and ISO/IEC 27701, helping organizations protect their most sensitive information. A trusted security and compliance solutions provider for organizations with high-value data in regulated industries like healthcare, technology, financial services, and government, BARR takes the complexity out of security and compliance and works with you to create an infrastructure built on accountability and trust. As one of a handful of organizations in the U.S. eligible to certify against the four highest regarded frameworks (SOC, ISO 27001, HITRUST, and PCI DSS), our team of experts will simplify the process every step of the way.

For more information on how BARR can help simplify the path to security and compliance, contact us today at [email protected] or by visiting www.barradvisory.com.

BSI Global HQ
389 Chiswick High Road London W4 4AL United Kingdom [email protected] +44 20 8996 9000

BSI Americas
12110 Sunset Hills Road, Suite 200 Reston, VA 20190-5902 [email protected] Telephone: 1.800.862.4977

International offices
BSI has 58 offices serving over 80,000 clients in 150 countries To find the office closest to you visit: http://www.bsigroup.com/

Bureau Veritas is a world leader in testing, inspection and certification. We help clients across all industries address challenges in quality, health & safety, environmental protection, enterprise risk and social responsibility. We support them in increasing performance throughout the life of their assets and products and via continuous improvement in their processes and management systems. Our teams worldwide are driven by a strong purpose: to preserve people, assets and the environment by identifying, preventing, managing and reducing risks. Bureau Veritas has offered management systems certification to our clients since the first such international standard, ISO 9001 for quality, came into being in 1987; with 150,000 active ISO certificates and +8,000 skilled auditors, Bureau Veritas is present in 140 countries with local specialists in 80 countries. Subsequently Bureau Veritas began offering Information security management systems certifications since the early 2000s. Today Bureau Veritas is recognized by over 40 national and international accreditation bodies across the world, Bureau Veritas holds United Kingdom Accreditation Service (UKAS) global accreditations for Cyber Security and Business continuity to standards including ISO 27001, ISO 55001 and ISO 22301.

https://certification.bureauveritas.com/certificat...

CCIC is a central enterprise approved by the State Council and managed by SASAC. Founded in 1980, it is a comprehensive quality service institution with the main business involving"standards, inspection, testing and certification".

A first-class subsidiary of CCIC, CCIC SHAANXI was reorganized by the former CCIC SHAANXI and CQC Xi'an Branch in November 2007 with the approval of the State Administration for Market Regulation and the Certification and Accreditation Administration Commission of the PRC.

As an internationally recognized certification body, we conduct certification audits for various types of enterprises, with standards for these audits including: ISO 27001, ISO 20000, ISO 27701, ISO 22301, ISO 27017, ISO 27018, ISO 29151, etc.

We uphold the concept of independence, justice and professional innovation, hoping to provide a comprehensive quality service for you and make a sustained effort to create a more reliable world!

CPG is Australian owned and a full-scope International Certification and Training Body. They are recognized by JAS-ANZ (Joint Accreditation System – Australia New Zealand), by Singapore Accreditation Council and by APMG International as an Accredited Certification Body, by SANAS (South African National Accreditation System) and by Exemplar Global as an Accredited Training Organisation. CPG certifies small through to large organisations, businesses, hospitals and government departments to both National and International standards, across a wide array of management systems certifications.

With offices in over 30 countries, CPG (formerly International Standards Global) is a full-scope CB, with accreditations from multiple IAF and National Bodies. Programs offered include ISO2700, ISO9000, HACCP, Food Safety, Occupational Health, Disability, and Business Continuity. https://cpg.global

Founded in 1957, the China Academy of Information and Communications Technology (hereinafter referred to as CAICT) is a scientific research institute directly under the Ministry of Industry and Information Technology (MIIT) of China. It cherishes the cultural philosophy of "Boosting prosperity with virtues and expertise" for years while adhering to the development position of "a specialized think-tank for the government and an innovation and development platform for the industry". Committed to "the think-tank and enabler for innovation and development in an information society," CAICT has provided strong support for major strategy, plan, policy, test, and certification for the development of the national ICT sector and the IT application, thus proving itself an important facilitator in the leapfrog development and innovation of China's information and communications sector. It has been granted hundreds of scientific and technological awards at both national and provincial levels.

Coalfire is the trusted leader in cybersecurity risk management and compliance services. Coalfire integrates advisory and technical assessments and recommendations to the corporate directors, executives, boards, and IT organizations for global brands and organizations in the technology, cloud, healthcare, retail, payments, and financial industries. Coalfire's approach addresses each businesses' specific vulnerability challenges, developing a long-term strategy to prevent security breaches and data theft. Coalfire provides advisory and assessment services for cyber security and compliance in DoD SRG, FISMA/FedRAMP, HIPAA/HITRUST, PCI DSS, PCI PA-DSS, ISO 27001, SOC and technical testing services such as penetration testing, social engineering and forensics. Coalfire has offices throughout the United States and Europe.

Complade is an ISO/IEC 27001, & CAN/CISO 104:2022 and authorized CSA STAR auditors and Accredited Certification Body by SCC and IAF. A cyber security standards' conformity auditors who deliver an informed assurance of the balance status of your cyber risks and controls. Complade partners with boards of directors and senior management teams to solve cyber security assurance challenges. To provide impartial cyber security audits tailored to your organizational objectives based on de jure cybersecurity standards. More details on www.Complade.com

ControlCase is a global provider of certification, cyber security and continuous compliance services. ControlCase is committed to empowering organizations to develop and deploy strategic information security and compliance programs that are simplified, cost effective and comprehensive in both on-premise and cloud environments. ControlCase offers certifications and a broad spectrum of cybersecurity services that meet the needs of companies required to certify to PCI DSS, HITRUST, SOC 2 Type II, ISO 27001, PCI PIN, PCI P2PE, PCI TSP, PA DSS, CSA STAR, HIPAA, GDPR, SWIFT and FedRAMP.

www.controlcase.com

ControlCase
USA +1.703.483.6383
Canada +1.416.900.1272
Europe, Middle East and Africa +44.2035145389
India +91.7506610917
Asia Pacific +66-21056164
Website: https://controlcase.com
Email: [email protected]

CyberGuard Compliance is a PCAOB registered CPA Firm based in the United States and serving clients around the globe. Our leadership team has over 150 years of combined business management, operations and related information technology (IT) experience. CyberGuard Compliance has performed thousands of SOC audits, and unlike most traditional CPA firms which focus on financial statement auditing and tax compliance,CyberGuard Compliance focuses on Cybersecurity (InfoSEC) and IT security compliance related services.

CyberGuard Compliance, LLP 6720 N. Hualapai Way, Suite 145-306 Las Vegas, Nevada 89149
866-480-3485
Email: [email protected]
Website: https://www.cgcompliance.com/

Driven by our purpose of safeguarding life, property and the environment, DNV enables organizations to advance the safety and sustainability of their business. DNV is a leading provider of classification, certification, verification and training services. With our origins stretching back to 1864, our reach today is global. Operating in more than 100 countries, our 15,000 professionals are dedicated to helping our customers make the world safer, smarter and greener.

As a world-leading certification body, DNV helps businesses assure the performance of their organizations, products, people, facilities and supply chains through certification, verification, assessment, and training services. We also deliver deep insight and pragmatic support to major companies enabling them to build effective sustainability strategies. Partnering with our customers, we build sustainable business performance and create stakeholder trust.

DNV HQ
Veritasveien 1 1363
Høvik Norway
Telephone: +47 67 57 99 00

To find the office closest to you visit https://www.dnv.com/cn or contact us at [email protected].

https://www.dnv.com/

EY CertifyPoint HQ
Antonio Vivaldistraat 150 1083 HP Amsterdam The Netherlands [email protected]http://www.ey.com/certifypoint

International offices
Founded in 2002, EY CertifyPoint is an accredited independent and impartial certification institute with experienced auditors all over the world certifying some of the top international organizations. Being related to the global EY organization, EY CertifyPoint is able to provide you with a local contact person in nearly every country world-wide. For more information, please visit http://www.ey.com/certifypoint.

Choose Insight Assurance for unparalleled audit services led by experienced industry experts. Our global presence ensures consistent and reliable support for clients worldwide, employing cutting-edge technologies for efficient and transparent auditing. We prioritize your experience through dedicated teams, customer success managers, and a 24-hour SLA via Slack, embodying a client-centric approach. With a foundation in former Big-4 auditors with over 20 years of industry experience, our Tampa-based global team operates 24/7, serving 600+ clients across 50+ countries. Experience quality, simplicity, and clear communication with Insight Assurance, where over 90% of clients benefit from maximized automation in compliance processes.

INTERCERT is an international certification institute providing Auditing and Certification services of International repute on various Governance, Risk, and Compliance (GRC) frameworks Worldwide for aligning organizational information technology with business goals, managing risks and fulfils applicable regulations and leading the organizations achieve their goals reliably, remove uncertainty, and meet compliance requirements.

The institution was established in year 2009 with the group of professionals keen to contribute towards safe and sustainable world. The INTERCERT group having rich experience of 15 years in delivering excellence through international certifications and trainings across the globe. The INTERCERT auditing team of 125+ auditors possess the experience in wide range of business scopes of industrial and business sectors and offers its customers compliance assessments and certification services internationally.

INTERCERT is an accredited Management System Certification Body from IAF Member accreditation boards Standard Council of Canada (SCC) and United Accreditation Foundation (UAF), United States under IAF . We have team of AICPA registered CPAs for SOC 1 & SOC2 services and PCI registered QSAs for PCI-DSS.

We provide Assessments & Certification services for various frameworks below:

ISO 27001, ISO 27701, ISO 22301, ISO 20000-1, ISO 27017, ISO 27018, ISO 9001, ISO 42001 PCI-DSS, SOC2, SOC1, GDPR, HIPAA, CCPA, PIPEDA, Singapore PDPA, Australian DPA, CSA STAR, NIST related frameworks, HITRUST, FedRAMP, CMMC, TISAX and additionally, we provide Vulnerabilities Assessment and Penetration Testing services (VAPT).

Learn more at https://intercert.com or contact us at [email protected]

Global HQ

INTERCERT Inc.,

2001, Timberloch Place, Suite 500, The Woodlands, Texas 77380, United States

Contact Number: +1 (281)-899-8052

Asia & Middle East

1118, Tower C, Noida One, B-8, Sector 62, Noida – 201301, India

Contact Number: +91-120 7962852, +91-120 2975194

India Regional Sales Office

#7, 2nd Floor, AVS Compound, 20L Cross Road, 80 Ft Road, Koramangala 4th Block, Bengaluru - 560034, India

Contact Number: +91-844 8581849

International Offices

INTERCERT international presence in 22 countries providing services to 6000 customers worldwide.

https://www.intercert.com/aboutus/global-coverage

Kompleye is a recognized global cybersecurity and compliance organization that offers a one-stop comprehensive solution for multiple cybersecurity models, frameworks, and regulatory compliance.

We have in-depth knowledge and extensive experience in different industries, which will ensure a successful assessment to meet your company’s cybersecurity and compliance posture.

We are uniquely qualified to perform multiframework audits including:

  • AICPA - SOC 1, SOC 2, SOC 3 and other SOC assessments (SSAE-18)
  • ISO 27001 – Information Security Management Systems and
  • ISO 27701 – Information Privacy Management Systems
  • HITRUST
  • FedRAMP
  • CMMC
  • Privacy Compliance (GDPR, CCPA, etc.) and both
  • CSA Star Certification
  • CSA Star Attestation
  • AICPA – Direct Examinations (SSAE-21)

Our management team has more than 30 years of combined experience working for Big 4 firms, and across different industries and companies’ sizes; and we will provide the most efficient attestation approach for your company. For more information please visit: www.kompleye.com or contact us at [email protected].

KPMG Cert GmbH, located in Cologne, Germany, is the accredited certification body of KPMG AG Wirtschaftsprüfungsgesellschaft. We act independently: KPMG Cert does not perform any consulting services related to the design, implementation, internal audit or operations of management systems.

Not only are we active in a wide variety of industries, but we are also familiar with companies of all sizes based on our vast experience in the certification business. Apart from the classic quality and environmental topics, two of our focus areas are risk management topics and information security management systems.

LBMC is a leader in IT Security, helping mid-market and Fortune 500 clients assess their cybersecurity, reduce risk, and protect their sensitive data. With such heavy regulatory and public scrutiny of security and privacy practices, our experienced IT compliance and audit specialists guide you through the maze of regulations. Our team is uniquely qualified to conduct assessments against almost every cybersecurity framework that exists and simplify the process with our “Audit Once, Report Many” approach. LBMC IT assurance services include ACAB LADMF, FISMA, ISO 27001, SOX/COSO/COBIT, CMMC, HITRUST, PCI DSS, SOC, NIST 800-171, NIST 800-53, and CSA STAR assessments. For more information, visit www.LBMCInformationSecurity.com

Linford & Company LLP is a Denver-based Certified Public Accounting firm comprised of former “Big Four” auditors and Information Security experts. We perform SOC 1, SOC 2, and HITRUST audits, HIPAA compliance audits, FedRAMP security assessments, NIST 800-53 and 800-171 compliance assessments, ISO 27001 certification services, and penetration testing and vulnerability assessments for organizations around the world.


Our experience spans a wide range of global industries and organizations—from privately held small- and medium-sized businesses to Fortune 500 companies utilizing in-house and cloud-based environments. Our associates combine a unique, in-depth knowledge of the American Institute of Certified Public Accountants’ (AICPA) audit guidance and National Institute of Standards and Technology (NIST) standards with deep technical knowledge in a broad range of information and software technologies. The combination of our experience and our dedication to the highest professional standards consistently leads to positive audit experiences for our clients.

When information security systems are not properly managed and maintained, organisations run the risk of sustaining serious financial and reputational losses. Ensuring your organisation has the right controls in place to reduce the risk of serious data security threats and avoid any system weaknesses from being exploited is crucial.

LRQA has been at the forefront of standards development and involved in Information Security Management System (ISMS) assessment for many years. Our high-profile clients in the finance, telecoms, software, internet, consultancy, justice and government sectors trust LRQA to deliver high quality, consistent and impartial assessments with the full back-up of a highly dedicated support package.

Our assessors are experts qualified in information security and other aspects of IT, whose objective view will give you confidence in your own security measures as judged against best industry practice.

For more information on our wide range of services, or to make an inquiry, visit https://www.lrqa.com/en-us/csa-star/certification-services/

Marcum LLP is a national accounting and advisory services firm dedicated to helping entrepreneurial, middle-market companies achieve their goals. Understanding our clients’ businesses, helping them identify their needs and meet their challenges, and uncovering opportunities that propel them towards success is our mission. Marcum is committed to providing the most thorough, insightful, and expeditious service, according to the highest ethical standards.

Our consulting and audit professionals are seasoned, trained service consultants. Our advisory team has Big 4 and high-profile consulting experience, and all team members have at least one industry-accepted certification, including CPA, CISA, CISSP, CCSFP, GWAPT, GPEN, and QSA, and/or a Master’s degree in finance or accounting.

The leaders in of risk advisory practice bring more than 100 years of combined public accounting experience, industry knowledge and a long history working with small private firms up to Fortune 500 clients on information technology and compliance initiatives. Our risk advisory team focuses on the delivery of high quality ISO 27001, ISO 27701, PCI DSS, SOC 1/2/3 reporting, and HITRUST certifications.

Mastermind is not your typical auditor.

Mastermind is the most exclusively focused and expert-driven certification body on the planet, specializing in information security, privacy, and data protection in the cloud. We are a US-based team of energetic and passionate professionals that get excited talking about ISO standards and CSA STAR.

Immaculate deliverables, devoid of generalists, offshore contractors, and inflated bill rates, that you can show off to your executive team and customers.

Ping us: [email protected]

Moss Adams is a fully integrated professional services firm dedicated to growing, managing, and protecting prosperity. With over 4,400 professionals across more than 30 locations in the market capitals of the West and beyond, we work with the world’s most innovative, dynamic, and promising clients and markets. Through a full spectrum of accounting, consulting, and wealth management services, we bring the deep industry specialization and inspired thinking our clients seek. Since we put down roots in the Pacific Northwest more than 100 years ago, we’ve steadily expanded to serve clients not only in the West, but also across the nation and globally. Our full range of services includes accounting (assurance and tax), consulting (cybersecurity, strategy & operations, transactions, and specialty), as well as individual and institutional wealth management.

Moss Adams is one of the 15 largest US accounting and consulting firms and a founding member of Praxity, a global alliance of independent accounting firms providing clients with local expertise in the major markets of North America, South America, Europe, and Asia.

MSECB helps companies of any industry show their commitment to success by providing them with valuable and up-to-date evaluation and certification services against internationally recognized standards. We enable companies to follow the best practices and gain maximum advantage from their systems in this ever-evolving world of business.

As an international accredited certification body, we have conducted thousands of certification audits in more than 70 countries for SMEs and large enterprises against standards such as: ISO/IEC 27001, ISO/IEC 27701, ISO 22301, ISO 37001, ISO 9001, ISO 14001, etc.

Our happy clientele have chosen us for our expertise, quick and excellent service, the quality and professionalism of our auditors, and above all, for the outstanding customer experience that we offer. How do we accomplish this? We handle each client’s request with the utmost care and ensure certification with appropriate audit methods in a timely manner.

Visit our website to learn more about us and our services: https://msecb.com/

MSECB HQ
1555 boul de l'Avenir, Bureau 306, Laval, Quebec H7S 2N5, Canada
[email protected]

Nixu Corporation is a cybersecurity company. We work to improve our clients’ cybersecurity in solution areas of Corporate IT, Digital Business and Industrial Internet. Our clients trust Nixu in projects where developing, implementing or assessing of information security is a must. We ensure the confidentiality of our clients' data, business continuity and ease-of-access to digital services through planning and mitigation of cybersecurity risks.

CONTACT INFORMATION:
Phone number: +358 9 478 1011
E-mail: [email protected]

Blog: http://www.nixu.com/blog
Twitter: @nixutigerteam

NSF International is an independent, global organization that protects human health by facilitating the development of public health and safety standards, and providing certification and testing services.

Our cybersecurity audit services can help you leverage best practices to reduce organizational risk, improve business performance, successfully address customer expectations and meet or exceed corporate and organizational objectives.

PKF Antares is a dynamic audit and consulting firm which provides a wide range of professional services including but not limited to CSA STAR Level 2 attestation, SOC 1, 2, and 3, Cybersecurity – strategy, security, prudence, & resilience, ESG, SOX/CSOX, Internal audit, financial audit, etc. Our firm is based out of Calgary, Canada with offices in Red Deer and Toronto. We are connected to 220 firms within the PKF global network with a shared commitment to quality, integrity, and the value creation in a complex regulatory environment. We can provide you with world-class, value adding solutions in IT compliance, Assurance, Advisory, Taxation and Business Services anywhere in the world. Our clients including CAS STAR Level 2 and SOC are from across Canada, USA, and South America. All our professionals at management level have years of experience with “Big 4” professional accounting and advisory firms. As a firm with diverse workforce, we can communicate with you in many different languages i.e., English, Russian, Punjabi, Chinese…

Our firm adopted the Internal Standard on Quality Management (ISQM 1 and 2). All our engagements are under an independent monitoring program to ensure compliance with ISQM standards and quality assurance requirements. As a client, you are guaranteed to receive the highest quality and services from PKF Antares.

Prescient Security is a CREST certified global top 20 cyber security company that provides high-quality, expedited, and affordable security services to enterprise and SAAS clients globally. We offer Google designated OAuth, Microsoft SSPA, SOC 2, ISO 27001, PCI QSA, GDPR, HIPAA, CCPA,FERPA, FISMA, GLBA CSA STAR and other security and privacy certifications and penetration testing services.

We are based in New York City but provide services on global time zones. We are a 10-year-old reputable, high-quality, and affordable audit firm.

For more information, please reach out to [email protected] or call +1 646 209 7319 for a quote today.

PricewaterhouseCoopers Certification BV (hereafter: PwCC), part of the worldwide PwC network is a legal entity accredited for verification and certification services globally. PwCC is focused on building digital trust, by providing certification services for (Cloud) information security management (ISO27000 series and CSA STAR), business continuity (ISO22301), quality management (ISO9001) and information technology service management (ISO20000).

PwCC is committed to delivering our certification engagements to the highest quality standards. As such, PwCC is accredited to issue ISO27001, ISO9001and ISO22301 certificates by the Dutch accreditation body ‘Raad voor Accreditatie’. Our certification engagements are conducted according to the ISO17021-1 standard for certification of management systems, a standardised approach used by all accredited certification bodies. The actual overview of standards PwCC is accredited for can be found on the website of the ‘Raad voor Accreditatie’.

Organizations in a business-to-business environment are increasingly subject to requirements from customers, regulators and other stakeholders to demonstrate that information security, quality control and business continuity is up to standard from both a management system and controls perspective. PwCC is one of the few organisations that is capable of leveraging synergies resulting from overlaps between attestation frameworks (e.g. SOC1, SOC2, IRAP, HIPAA, GBLA, BSI C5, FDA, GXP, TISAX), management systems and different territories.

QRC stands as a preeminent global entity in the realm of certification, cyber security, and privacy compliance services. As a distinguished international certification institute, QRC excels in delivering Auditing and Certification services of global acclaim across a myriad of Governance, Risk, and Compliance (GRC) frameworks.

Our services are meticulously tailored to ensure the alignment of organizational information technology with business objectives, effectively manage risks, adhere to pertinent regulations, and assist organizations in achieving their aspirations with reliability, reduced uncertainty, and compliance adherence.

QRC prides itself on being a technology-driven security and compliance ally, garnering trust from over 500 global entities to counteract cybersecurity threats. Our unique service model offers a consolidated provider approach as a licensed entity, extending certifications and a comprehensive range of cybersecurity and privacy compliance and assessment services.

We provide Assessment & Certification services for various frameworks like:

Payment Card Industry Audit and Certification like PCI DSS, PCI 3DS, PCI SLC, PCI SSF, PCI PIN, PCI P2PE etc.,

ISO Certifications like ISO 27001, ISO 27701, ISO 9001, ISO 27017, ISO 27018

Licenced CPA firm to Perform SOC 1 and SOC 2 (SSAE Attestations)

Recognized SWIFT CSCF Assessment Provider

CSA STAR Certification

Security Assessments (Vulnerabilities Assessments and Penetration Testing) Services

The QRC auditing team of more than 50+ auditors possess the experience in wide range of business scopes of industrial and business sectors and offers its customers compliance assessments and certification services internationally GDPR, HIPAA, CCPA among others.

QSCert, spol. s r.o.
E. P. Voljanského 1, 960 01 Zvolen
https://maps.google.com/?q=E.+P.+Voljansk%C3%A9ho+1,+960+01+Zvolen&entry=gmail&source=g
Tel: 045 - 54 00 717
Tel/Fax: 045 - 54 00 718
Phone number: 0905 - 977 200
E-mail: [email protected]

QSCert® is an international Certification Body based in Prague (Czech Republic). Its core business is certification of management systems according to several international standards. QSCert® has established the net of branch offices all over the world. QSCert® is accredited by the Czech Accreditation Institute. QSCert® differs from other certification bodies mainly by pragmatic approach to an audit without emphasis on bureaucracy. A quality management system which QSCert® requires from its clients is established also in QSCert®. QSCert® audit gives added value to the client not only by examining the compliance with the standard requirements but also by suggesting opportunities for improvement of the management system. QSCert auditors are people who worked as quality managers or consultants in the past – they are able to understand certification audits from the auditee point of view. It enables them to conduct audits in correct and pragmatic way.

RINA is a multinational company that helps clients build strong, successful businesses. Through a global network of over 5.300 talented professionals, operating out of 200 offices in 70 countries, we support market operators across the entire lifecycle of their projects, whilst assisting them in renewing their products, technologies and services. RINA provides a wide range of services across Energy&Mobility, Marine, Certification, Infrastructure & Real Estate and Industry sectors and is a member of key international organizations and an important contributor to the development of new legislative standards.

Schellman Compliance LLC HQ 4010 W Boy Scout Boulevard, Suite 600 Tampa, FL 33607 Telephone: 1.866.254.0000 Outside of the United States, please dial: +1.973.854.4684

We are setting the pace and blazing new trails. We are the only company in the world capable of providing our clients the rare opportunity to achieve multiple compliance objectives through a single independent assessor — using experienced teams dedicated to delivering the highest quality.

For more information visit www.schellman.com

SGS HQ
1 Place des Alpes P.O. Box 2152 Geneva, 1211 Switzerland

SGS Taiwan (East Asia HQ)
4F, No.125, Wu Kung Road, New Taipei Industrial District, New Taipei City, 24886 Taiwan (R.O.C.)

International offices
SGS has 1,400 offices serving over 120,000 clients certification services in 150 countries. To find the office closest to you visit: http://www.sgs.com/

Shenzhen National FinTech Evaluation Center Co.,Ltd (NFEC) is a leading evaluation provider in China’s financial industry with the approval of People’s Bank of China. NFEC focuses on Fintech services including but not limited to security testing & evaluation, technology certification, FinTech solution & consultation.

NFEC serves China’s major banks, financial organizations, high-tech enterprises, third-party payment companies, etc. NFEC’s services aim at the regulatory compliance of Fintech innovation and synergy of Finance and cutting-edge technologies such as artificial intelligence, big data, cloud computing and blockchain.

TÜV SÜD America is a premium quality, safety, and sustainability solutions provider that specializes in testing, inspection, auditing, certification, training, and knowledge services. Since 1866, the company has remained committed to its founding principle of protecting people, property and the environment from technology-related risks. TÜV SÜD America’s US is headquartered in Wakefield, Massachusetts. TÜV SÜD has locations worldwide.

SOC 2 + CSA STAR Attestation Auditors

Certified Auditors
Contact Info

360 Advanced is “Making Better Businesses” through their national Cybersecurity and Compliance offerings. Services provided include CSA STAR, SOC 1, SOC 2, SOC 3, SOC for Cybersecurity, HIPAA/HITECH, ISO 27001, PCI-DSS, HITRUST CSF, Microsoft SSPA Attestation, Penetration Testing, GDPR, CCPA and more. In certain states, 360 Advanced may operate under the name of Hiestand, Brand, Loughran, P.A. to meet AICPA requirements. To learn more about 360 Advanced, visit www.360advanced.com

For more information on compliance solutions, contact Brad Lyons at [email protected].

Accedere is an end-to-end Cybersecurity Audit/Assessment and Managed Security Services (MSSP) firm. As a Colorado CPA firm registered with PCAOB, and CSA, we specialize in Cloud Security and Privacy, helping clients navigate the evolving risks in today’s digital landscape. With cyber risk now the 3rd biggest risk in business, we provide deep expertise in evaluating Cyber Governance Maturity to safeguard your data. As CSA STAR auditors, we engage with CSP’s towards achieving CSA STAR compliance.

Our GRC automation tool Controllo is AI-powered and designed to streamline cyber compliance with frameworks like SOC 2, ISO 27001 (ISMS), and ISO 27701 (PIMS) & CSA’s CCM. Controllo helps manage risks across Assets, Organizational Risks, and Vendor Risks, leveraging NIST CSF 2.0 for comprehensive risk management.

We offer compliance audits focusing on SOC 1, SOC 2, and SOC 3 reports and as an ISO/IEC Certification Body for ISMS, PIMS, BCMS,SMS and AIMS (Artificial Intelligence) along with CSA STAR Audits.

From our India-based Security Operations Center (24x7 CSOC), we provide AI-driven monitoring and threat detection, powered by Microsoft Sentinel. Our real-time alerts on intrusions and Indicators of Compromise (IOCs) are supported by advanced assessments like Penetration Testing, Breach and Attack Simulation, and Configuration Reviews.

With years of experience auditing both large enterprises and SMBs, we bring exceptional capabilities and over 22 years of experience in Cyber, Cloud Security Assessments and Audits. Our business is led by Ashwin Chaudhary, an MBA, CPA, and certified expert with credentials including CCSK, CISSP, CISA, CISM, CEGIT,CRISC,CDPSE, and more.

For more information on how Accedere can protect your business, contact us at [email protected] or visit www.accedere.io

A-LIGN is a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to help mitigate cybersecurity risks. A-LIGN uniquely delivers a single-provider approach as a licensed SOC 1 and SOC 2 Auditor, accredited ISO 27001, ISO 27701 and ISO 22301 Certification Body, HISTRUST CSF Assessor firm, accredited FedRAMP 3PAO, candidate CMMC C3PAO, and PCI Qualified Security Assessor Company. Working with small businesses to global enterprises, A-LIGN experts and its proprietary compliance management platform, A-SCEND, are transforming the compliance experience. https://www.a-lign.com/service/csa-star

A-LIGN HQ
400 N. Ashley Drive, Suite 1325
Tampa, FL 33602
+1.888.702.5446

Armanino is a top 20 accounting and consulting firm focused on delivering a depth of knowledge, a range of services and a consistent and responsive team. Within Armanino’s Trust practice is a dedicated team focused on delivering security and compliance attestations and certifications. Armanino looks to customize and tailor security and compliance solutions to meet the needs to clients where they are and for future growth. We work with small business through to global enterprises to deliver a unique technology enabled solution for SOC 1, SOC 2, and SOC 3 attestations, HITRUST CSF Assessor Firm, CSA Star Attestation and PCI Qualified Security Assessor Company.

Attinkom LLC is a Licensed CPA and PCAOB registered firm with offices in United States and India. We specialize in providing cybersecurity and IT security compliance services to clients globally. Our expertise, experience, and skills make us uniquely positioned to serve the emerging needs of our clients as they evolve.

Guided by our motto – ‘We verify your trust’, Attinkom’s objective is to be the best in everything we do, turning our experience and industry knowledge into value for our clients. We tailor our audit approach to the needs and characteristics of each client and invest time to get acquainted with each client’s business, processes, and systems.

Our core competency lies in conducting assessments based on industry-leading frameworks such as SOC 1, SOC 2, SOC 3, ISAE 3000, ISAE 3402, CSA Star Attestation, HIPAA, and GDPR, empowering organizations to navigate the complexities of regulatory compliance with confidence and efficiency.

Attinkom LLC
1201 N Orange Street Suite # 7424
Wilmington Delaware 19801-1186

Contact
Website: www.attinkom.com
Email: [email protected]
Phone: +1 (302)-691-9076

BARR Advisory is a cloud-based security and compliance solutions provider specializing in cybersecurity consulting and compliance for companies with high-value information in cloud environments like AWS, Microsoft Azure, and Google Cloud Platform. A trusted advisor to some of the fastest growing cloud-based organizations around the globe, BARR simplifies compliance across multiple regulatory and customer requirements in highly regulated industries including technology, financial services, healthcare, and government.

Learn more at www.barradvisory.com or contact us at [email protected].

BARR Advisory services include:
Compliance Program Assistance
SOC 1 Examinations
SOC 2 and 3 Examinations
SOC for Cybersecurity
PCI DSS Assessment Services
ISO 27001 and 27701 Assessments
FedRAMP Security Assessments
HIPAA/HITECH Services
HITRUST Services
Penetration Testing and Vulnerability Assessments
Virtual CISO Services

BSI Global HQ
389 Chiswick High Road London W4 4AL United Kingdom [email protected] +44 20 8996 9000

BSI Americas
12110 Sunset Hills Road, Suite 200 Reston, VA 20190-5902 [email protected] Telephone: 1.800.862.4977

International offices
BSI has 58 offices serving over 80,000 clients in 150 countries To find the office closest to you visit: http://www.bsigroup.com/

CAS Assurance, LLC is a CPA firm based in Miramar, Florida, assisting entities with their taxes and accounting, attestation, compliance, and cybersecurity governance needs. With services designed to meet the specific and unique needs of each client, our team of experienced and resourceful consultants provide better insights for better solutions and results. Our services are aimed at helping clients to improve operational efficiency, cybersecurity risks governance, accountability, and privacy regulatory compliance posture to facilitate an overall healthy, secure, compliant, and thriving organization.

CAS Assurance, LLC cybersecurity and compliance related services include attestation for SOC 1 and 2, SOC for Supply Chain, and Cloud Security Alliance (CSA) STAR. We assist clients with audit readiness assessment and gap remediation, including developing or enhancing requisite security policies and procedures for leading standards, frameworks, and regulations such as NIST SP800-53, CSF, ISO27001, ISO27017, CCM, PCI-DSS, HIPAA, CMMC, SWIFT CSC, CCPA, and GDPR. Our consulting services also include helping clients to implement a SaaS solution from our partner for continuous monitoring, maintenance, and maturation of organization cybersecurity and compliance efforts.

https://www.casassurance.com/

Coalfire is the trusted leader in cybersecurity risk management and compliance services. Coalfire integrates advisory and technical assessments and recommendations to the corporate directors, executives, boards, and IT organizations for global brands and organizations in the technology, cloud, healthcare, retail, payments, and financial industries. Coalfire's approach addresses each businesses' specific vulnerability challenges, developing a long-term strategy to prevent security breaches and data theft. Coalfire provides advisory and assessment services for cyber security and compliance in DoD SRG, FISMA/FedRAMP, HIPAA/HITRUST, PCI DSS, PCI PA-DSS, ISO 27001, SOC and technical testing services such as penetration testing, social engineering and forensics. Coalfire has offices throughout the United States and Europe.

CyberGuard Compliance is a PCAOB registered CPA Firm based in the United States and serving clients around the globe. Our leadership team has over 150 years of combined business management, operations and related information technology (IT) experience. CyberGuard Compliance has performed thousands of SOC audits, and unlike most traditional CPA firms which focus on financial statement auditing and tax compliance,CyberGuard Compliance focuses on Cybersecurity (InfoSEC) and IT security compliance related services.

CyberGuard Compliance, LLP 6720 N. Hualapai Way, Suite 145-306 Las Vegas, Nevada 89149
866-480-3485
Email: [email protected]
Website: https://www.cgcompliance.com/

Deloitte provides attest-related services to a broad cross-section of the largest corporations and governmental agencies. Deloitte’s independent assessments of an organization’s control procedures establish whether existing controls/processes meet management objectives and demonstrate controls to customers and their auditors through reporting and integrated requirements.

Our Third-Party Assurance services value by helping clients with:

Reporting and audit requirements: SOC 1, SOC 2, SOC 2+ with CSA Cloud Controls Matrix, and SOC 3 reports (based on AICPA and ISAE guidance); Custody Rule; agreed-upon procedures (AUP); and other attest reports. Deloitte also offers a full suite of FISMA, CMMC and FedRAMP readiness and 3PAO certification services.

To learn more about how Deloitte’s Third-Party Assurance services can help your organization, contact us.

EntPerMaSys Consulting and Advisory Services LLC is a Delaware registered CPA Firm that undertakes SOC 1/ SOC 2 / SOC 3 attestations, ISO27001 / ISO27701 / ISO42001 and HIPAA / GDPR and Indian DPDPA consulting , gap assessments and auditing services, and is also an approved HITRUST External Assessor firm with a presence in Bangalore, India .

With a small, but highly trained and experienced team of consultants, EntPerMaSys is a nimble, responsive and THE Go To CPA firm for small and medium sized entities' information security and privacy compliance requirements. At the same time, we have a list of large MNCs' corporate level SOC reporting as well as Offshore Development Centres of large IT MNCs among our rapidly growing list of clients too.

US Address

500 DELAWARE AVE, STE 1 1960, WILMINGTON , DE 19899

Bangalore Address

No 6, Ward No 65, Vinir Towers, BDA 1ST STAGE, BTM Layout, Bengaluru, Karnataka - 560068

Website

www.entpermasys.com

EY CertifyPoint HQ
Antonio Vivaldistraat 150 1083 HP Amsterdam The Netherlands [email protected]http://www.ey.com/certifypoint

International offices
Founded in 2002, EY CertifyPoint is an accredited independent and impartial certification institute with experienced auditors all over the world certifying some of the top international organizations. Being related to the global EY organization, EY CertifyPoint is able to provide you with a local contact person in nearly every country world-wide. For more information, please visit http://www.ey.com/certifypoint.

Grant Thornton LLP (Grant Thornton) is the U.S. member firm of Grant Thornton International Ltd, one of the world’s leading organizations of independent audit, tax and advisory firms. Grant Thornton has revenues of $1.92 billion and operates more than 50 offices. We’re not the professional services firm you think you know. We believe business should be more personal and that the strongest results start with trust. We’re different. And that’s a good thing.

iExperts is a leading audit consultancy services company, deliver it’s world class service for elite customers in UK, EU, ME and USA. with high level of quality and professionalism.

With +20 years of experience in Information Security and GRC services, iExperts is driven by a relentless commitment to surpassing customer satisfaction, achieving world-class quality, and delivering excellence in every facet of the professional services.

iExperts services including:

SOC 2 and 3 Examinations

SOC for Cybersecurity

CSA STAR

PCI DSS implementations Services

PCI 3DS implementations Services

PCI Pin-Security implementations Services

ISO 27001, 22301, 9001, 27701, 14001, 45001, 20000-1, 27017, 27018 implementation Services

Compliance Program management

Penetration Testing and Vulnerability Assessments

Audit Services

Virtual CISO

Security Awareness

Professional Training Services

Contact information:

Services Email Address: [email protected]

Training Email Address: [email protected]

Website: www.iExperts.uk

London Office

2 Lakeside Dr, Park Royal, NW107FQ, London, United Kingdom Tel:+44 77 87 36 1560

Dubai Office

Building A1,Dubai Silicon Oasis, DDP, Dubai, United Arab Emirates Tel: +971 4228 5285

Cairo Office

D1, GrEEK Campus West, Mall of Arabia, 6th October City, Giza, Egypt Tel:+2 02 38 260 709

Choose Insight Assurance for unparalleled audit services led by experienced industry experts. Our global presence ensures consistent and reliable support for clients worldwide, employing cutting-edge technologies for efficient and transparent auditing. We prioritize your experience through dedicated teams, customer success managers, and a 24-hour SLA via Slack, embodying a client-centric approach. With a foundation in former Big-4 auditors with over 20 years of industry experience, our Tampa-based global team operates 24/7, serving 600+ clients across 50+ countries. Experience quality, simplicity, and clear communication with Insight Assurance, where over 90% of clients benefit from maximized automation in compliance processes.

KEN & Co. CPA LLC, Montana, USA
CPA firm specialising in SOC Attestation, CSA Star Attestation, and Cybersecurity

We are a CPA firm and a CSA Level 2 attestation partner, specialising in SOC Attestation, CSA Star Attestation, and Cybersecurity audits. Our extensive experience in conducting Third-Party Risk Management (TPRM) reviews for enterprise clients allows us to offer enhanced insights and a thorough approach to the CSA Level 2 attestation process.

With a team of highly qualified professionals, including CPAs, CAs, CISAs, ISO 27001 Lead Auditors, CDPSE, and CCSK, we deliver tailored digital risk assessments designed to help businesses proactively manage threats and meet rigorous industry standards. By combining our deep expertise in TPRM and cybersecurity, we empower organisations to strengthen their security frameworks and confidently address the evolving challenges of the digital landscape.

KirkpatrickPrice is a licensed CPA firm, PCI QSA, and a HITRUST CSF Assessor, registered with the PCAOB, providing assurance services to over a thousand clients in North America, South America, Asia, Europe, and Australia. The firm has more than a decade of experience in information security by performing assessments, audits, and tests that strengthen information security practices and internal controls. KirkpatrickPrice most commonly performs assessments on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST CSF, GDPR, ISO 27001, FISMA, and FERPA frameworks, as well as advanced-level penetration testing. For more information, visit www.kirkpatrickprice.com, connect with KirkpatrickPrice on LinkedIn, or subscribe to our YouTube channel.

Kompleye is a recognized global cybersecurity and compliance organization that offers a one-stop comprehensive solution for multiple cybersecurity models, frameworks, and regulatory compliance.

We have in-depth knowledge and extensive experience in different industries, which will ensure a successful assessment to meet your company’s cybersecurity and compliance posture.

We are uniquely qualified to perform multiframework audits including:

  • AICPA - SOC 1, SOC 2, SOC 3 and other SOC assessments (SSAE-18)
  • ISO 27001 – Information Security Management Systems and
  • ISO 27701 – Information Privacy Management Systems
  • HITRUST
  • FedRAMP
  • CMMC
  • Privacy Compliance (GDPR, CCPA, etc.) and both
  • CSA Star Certification
  • CSA Star Attestation
  • AICPA – Direct Examinations (SSAE-21)

Our management team has more than 30 years of combined experience working for Big 4 firms, and across different industries and companies’ sizes; and we will provide the most efficient attestation approach for your company. For more information please visit: www.kompleye.com or contact us at [email protected].

KPMG provide independent, jargon free advice and advanced technology capabilities to help our clients proactively manage their technology risks and use their data to its full potential.

Cloud services provided based on CSA best practices:

  • Cloud Security Strategy
  • Cloud Security Architecture
  • Cloud Supplier Assessment and Due Diligence


LBMC is a leader in IT Security, helping mid-market and Fortune 500 clients assess their cybersecurity, reduce risk, and protect their sensitive data. With such heavy regulatory and public scrutiny of security and privacy practices, our experienced IT compliance and audit specialists guide you through the maze of regulations. Our team is uniquely qualified to conduct assessments against almost every cybersecurity framework that exists and simplify the process with our “Audit Once, Report Many” approach. LBMC IT assurance services include ACAB LADMF, FISMA, ISO 27001, SOX/COSO/COBIT, CMMC, HITRUST, PCI DSS, SOC, NIST 800-171, NIST 800-53, and CSA STAR assessments. For more information, visit www.LBMCInformationSecurity.com

Linford & Company LLP is a Denver-based Certified Public Accounting firm comprised of former “Big Four” auditors and Information Security experts. We perform SOC 1, SOC 2, and HITRUST audits, HIPAA compliance audits, FedRAMP security assessments, NIST 800-53 and 800-171 compliance assessments, ISO 27001 certification services, and penetration testing and vulnerability assessments for organizations around the world.


Our experience spans a wide range of global industries and organizations—from privately held small- and medium-sized businesses to Fortune 500 companies utilizing in-house and cloud-based environments. Our associates combine a unique, in-depth knowledge of the American Institute of Certified Public Accountants’ (AICPA) audit guidance and National Institute of Standards and Technology (NIST) standards with deep technical knowledge in a broad range of information and software technologies. The combination of our experience and our dedication to the highest professional standards consistently leads to positive audit experiences for our clients.

Marcum LLP is a national accounting and advisory services firm dedicated to helping entrepreneurial, middle-market companies achieve their goals. Understanding our clients’ businesses, helping them identify their needs and meet their challenges, and uncovering opportunities that propel them towards success is our mission. Marcum is committed to providing the most thorough, insightful, and expeditious service, according to the highest ethical standards.

Our consulting and audit professionals are seasoned, trained service consultants. Our advisory team has Big 4 and high-profile consulting experience, and all team members have at least one industry-accepted certification, including CPA, CISA, CISSP, CCSFP, GWAPT, GPEN, and QSA, and/or a Master’s degree in finance or accounting.

The leaders in of risk advisory practice bring more than 100 years of combined public accounting experience, industry knowledge and a long history working with small private firms up to Fortune 500 clients on information technology and compliance initiatives. Our risk advisory team focuses on the delivery of high quality ISO 27001, ISO 27701, PCI DSS, SOC 1/2/3 reporting, and HITRUST certifications.

Moss Adams is a fully integrated professional services firm dedicated to growing, managing, and protecting prosperity. With over 4,400 professionals across more than 30 locations in the market capitals of the West and beyond, we work with the world’s most innovative, dynamic, and promising clients and markets. Through a full spectrum of accounting, consulting, and wealth management services, we bring the deep industry specialization and inspired thinking our clients seek. Since we put down roots in the Pacific Northwest more than 100 years ago, we’ve steadily expanded to serve clients not only in the West, but also across the nation and globally. Our full range of services includes accounting (assurance and tax), consulting (cybersecurity, strategy & operations, transactions, and specialty), as well as individual and institutional wealth management.

Moss Adams is one of the 15 largest US accounting and consulting firms and a founding member of Praxity, a global alliance of independent accounting firms providing clients with local expertise in the major markets of North America, South America, Europe, and Asia.

PKF Antares is a dynamic audit and consulting firm which provides a wide range of professional services including but not limited to CSA STAR Level 2 attestation, SOC 1, 2, and 3, Cybersecurity – strategy, security, prudence, & resilience, ESG, SOX/CSOX, Internal audit, financial audit, etc. Our firm is based out of Calgary, Canada with offices in Red Deer and Toronto. We are connected to 220 firms within the PKF global network with a shared commitment to quality, integrity, and the value creation in a complex regulatory environment. We can provide you with world-class, value adding solutions in IT compliance, Assurance, Advisory, Taxation and Business Services anywhere in the world. Our clients including CAS STAR Level 2 and SOC are from across Canada, USA, and South America. All our professionals at management level have years of experience with “Big 4” professional accounting and advisory firms. As a firm with diverse workforce, we can communicate with you in many different languages i.e., English, Russian, Punjabi, Chinese…

Our firm adopted the Internal Standard on Quality Management (ISQM 1 and 2). All our engagements are under an independent monitoring program to ensure compliance with ISQM standards and quality assurance requirements. As a client, you are guaranteed to receive the highest quality and services from PKF Antares.

Prescient Assurance is a Certified Public Accounting (CPA) firm licensed in the US and Canada with strong Cyber Security and Cloud Computing expertise. We are based in New York City but provide services to global clients. We are a 10-year-old reputable, high-quality, and affordable audit firm.

Prescient Assurance is a Leader in Compliance and Security Certifications for B2B SAAS companies. We have helped hundreds of small to mid-sized businesses and provide them SOC 1, SOC 2- Type 1 and Type 2 Audit, SOC 2 for Privacy, SOC 3, SOC for Cyber, SOC for Supply Chain, HIPAA/HITECH Attestation, GDPR Attestation, the US Drug Supply Chain Safety Act (DSCSA), the US 21st Century Cures (CURES) Act attestation, PCI ASV, PCI QSA, NIST CSF, SOC 2 + CSA STAR Level 2 third party attestation. We do help you with audit or mock exams on Technology Risk Assessment, FFIEC CAT, CMMC, NYDFS, Cyber Maturity Assessment CMMI, and M&A due diligence.

We work with large financial services, healthcare, and hi-tech enterprise as well as small businesses.

For more information, please reach out to [email protected] or call +1 646 209 7319 for a quote today.

PricewaterhouseCoopers Certification BV (hereafter: PwCC), part of the worldwide PwC network is a legal entity accredited for verification and certification services globally. PwCC is focused on building digital trust, by providing certification services for (Cloud) information security management (ISO27000 series and CSA STAR), business continuity (ISO22301), quality management (ISO9001) and information technology service management (ISO20000).

PwCC is committed to delivering our certification engagements to the highest quality standards. As such, PwCC is accredited to issue ISO27001, ISO9001and ISO22301 certificates by the Dutch accreditation body ‘Raad voor Accreditatie’. Our certification engagements are conducted according to the ISO17021-1 standard for certification of management systems, a standardised approach used by all accredited certification bodies. The actual overview of standards PwCC is accredited for can be found on the website of the ‘Raad voor Accreditatie’.

Organizations in a business-to-business environment are increasingly subject to requirements from customers, regulators and other stakeholders to demonstrate that information security, quality control and business continuity is up to standard from both a management system and controls perspective. PwCC is one of the few organisations that is capable of leveraging synergies resulting from overlaps between attestation frameworks (e.g. SOC1, SOC2, IRAP, HIPAA, GBLA, BSI C5, FDA, GXP, TISAX), management systems and different territories.

QRC stands as a preeminent global entity in the realm of certification, cyber security, and privacy compliance services. As a distinguished international certification institute, QRC excels in delivering Auditing and Certification services of global acclaim across a myriad of Governance, Risk, and Compliance (GRC) frameworks.

Our services are meticulously tailored to ensure the alignment of organizational information technology with business objectives, effectively manage risks, adhere to pertinent regulations, and assist organizations in achieving their aspirations with reliability, reduced uncertainty, and compliance adherence.

QRC prides itself on being a technology-driven security and compliance ally, garnering trust from over 500 global entities to counteract cybersecurity threats. Our unique service model offers a consolidated provider approach as a licensed entity, extending certifications and a comprehensive range of cybersecurity and privacy compliance and assessment services.

We provide Assessment & Certification services for various frameworks like:

Payment Card Industry Audit and Certification like PCI DSS, PCI 3DS, PCI SLC, PCI SSF, PCI PIN, PCI P2PE etc.,

ISO Certifications like ISO 27001, ISO 27701, ISO 9001, ISO 27017, ISO 27018

Licenced CPA firm to Perform SOC 1 and SOC 2 (SSAE Attestations)

Recognized SWIFT CSCF Assessment Provider

CSA STAR Certification

Security Assessments (Vulnerabilities Assessments and Penetration Testing) Services

The QRC auditing team of more than 50+ auditors possess the experience in wide range of business scopes of industrial and business sectors and offers its customers compliance assessments and certification services internationally GDPR, HIPAA, CCPA among others.

Richey May's risk management and audit expertise goes beyond traditional services; our insights, innovation, and market intelligence, powered by professionals joining us from the industries we serve, enable our clients to achieve more through full-service, custom-designed, strategic, and cost-effective audit programs. With deep expertise in challenging markets, our professionals have industry-leading certifications and unparalleled knowledge. Our deliverables are designed to create sustainable change, making risk management not an expense, but a strategic investment in smart growth. Richey May has been a trusted name in financial services and other regulated industries for almost four decades. Our commitment to excellence has not gone unnoticed, being named a Top 100 Firm by Inside Public Accounting and Accounting Today in 2022 and 2023. In addition, Richey May Advisory received recognition as a Mortgage Tech 100 and Mortgage Tech Trendsetter by Housing Wire, and the firm won the prestigious Excellence in Firm Culture award from Inside Public Accounting.

4010 W Boy Scout Boulevard, Suite 600

Tampa, FL 33607
Telephone: 1.866.254.0000 Outside of the United States, please dial: +1.973.854.4684

We are setting the pace and blazing new trails. We are the only company in the world capable of providing our clients the rare opportunity to achieve multiple compliance objectives through a single independent assessor — using experienced teams dedicated to delivering the highest quality.

For more information visit www.schellman.com

Securisea is one of only a handful of audit firms in the world certified to provide CSA STAR, ISO27001 and 27701, SOC2, SOC1, PCI DSS, FedRamp/StateRAMP 3PAO, HITRUST & HIPAA assessments all under one roof.

Our integrated compliance approach allows us to leverage our client’s existing security controls from other frameworks directly into each engagement, reducing overhead and work duplication. As experts in a wide variety of security control frameworks, we can provide a comprehensive solution for all of your security assessments.

Top Tier Expertise, Excellent Customer Experience

For over 18 years our team has been helping clients of all sizes focus on their core business, helping to address their compliance needs with little to no impact to their engineering schedules and time to market. You’ll work with an experienced team of consultants that understand what you need because we’ve been there, with extensive corporate security experience as well as exceptional credentialing expertise. We personalize our services for your unique timing and requirements, with a comprehensive approach that operates inside and outside the network perimeter, through application and network layers, and across cloud-based and hybrid online environments.

We’ll be by your side throughout the entire process, resulting in a best-in-class customer experience.

Consulting Services

In addition to formal assurance services, Securisea parent company provides consulting services span the entire security landscape, including but not limited to:

●Penetration testing

●Compliance whitepapers

●Security architecture

●Web application security

●Secure code reviews

●Training

●Secure software development lifecycle

●Security policy development

●Reverse engineering

●Risk assessments/risk management

●Cryptography

To learn more about the companies that rely on Securisea, Inc. for their critical assessments and consulting needs, visit http://www.securisea.com.

Contact Information

POC: Josh Daymont
E-mail: [email protected]
Founded: 2006
Address: 2501 Chatham Rd Suite 4573 Springfield, IL 62704
Phone: 877-563-4230

Weaver is a CSA Global Consultancy Program partner with broad experience in the Cloud Service Provider space from Fortune 50 global providers that offer everything under the sun to smaller niche SaaS providers. Whether you provide bare metal infrastructure, container orchestration, server-less architecture, content delivery, or software as a service we can help. Our experience has given us the unique ability to quickly take technical concepts and architectures and help providers discern where they are and where they need to be in the ever growing world of governance, risk management, compliance (GRC), and security.

As a full service CPA firm, we can draw on experience across industries and regulatory environments to offer you a more holistic approach to assist you in building trust and assurance with your customers and stakeholders. Whether you’re seeking Third Party Assurance for your customers (STAR, SOC1, SOC2, PCI, HIPAA, ISO27001), Continuous Monitoring and other security or IT assessments for internal reporting (NIST CSF, DHS CRR, COSO, COBIT, CMMC) or accounting, tax and financial reporting services (SOX, FFIEC) for your investors, shareholders and other stakeholders, Weaver can help.

With more than 3,000 associates and 84,000 clients, Wipfli ranks as one of the top 20 accounting and advisory firms in the nation. Wipfli helps its clients craft innovative strategies and transform digitally to achieve financial and operational efficiencies and drive growth. Learn more at wipfli.com.

Certified Auditors for CSA C-STAR Assessment

Certified Auditors
Contact Info

CEPREI HQ No.110 Dongguan Zhuang RD. Guangzhou, P.R.China Telephone: +86-20-87236606 [email protected] As a leading provider of management system certification body in China and the first Executive Member of CSA in Asia, CEPREI Certification Body Provides information security related professional services such as ISO20000 & ISO27001 certification, risk assessment, IT governance, Business Continuity Management etc. Also, newly launched C-STAR assessment scheme is provided to help our client fully understand cloud security issues they’re facing and how to put the appropriate controls in place. CEPREI Certification Body with unique legal status is a registrar authorized and accredited by national department and/or accreditation bodies home and abroad, to conduct third-party certification. It grew out of Inspection Division of China Electronic Product Reliability and Environmental Research Institute (the Fifth Electronic Institute) established in 1956, which is the first scientific research organization at national level engaged in product quality and reliability research in China. As early as 1979, CEPREI Certification Body introduced the concept of Certification into China. Ever since then CEPREI has issued more than ten thousand certificates of various types to its clients. It sets foot in all administrative regions in mainland China and other countries and regions including Hongkong Special Administration Region, Taiwan, USA, German, Holland, Denmark, Australia, Japan, Korea, Malaysia, Thailand and Singapore. As one of the most authoritative accreditation bodies in the world, America National Standard Institute-Registrar Accreditation Board (ANAB) has authorized CEPREI Certification Body to issue ISO9000, ISO14000 and ISO27001 certificates with ANAB logo since 2001. The certificate will be helpful for your products and services in improving reputation and enhancing competitiveness home and abroad.