Drummond conducts risk assessments leveraging NIST 800-53 to identify technical and administration risks, provide risk mitigation recommendations.
How can we help you?
Relevant and timely controls for Federal businesses.
Based on controls documented in ISO 27002, Drummond’s Comprehensive Healthcare Risk Assessment (CHRA) is a method of evaluating the business and operational risks and controls of an organization. Its objectives are to determine compliance with NIST Cybersecurity Framework Controls, assess how technology and operational risks are managed and controlled, as well as evaluate the overall risk exposure to the company and its customers.
Additionally, this assessment summarizes existing controls and provides recommendations for remediating any deficiencies. These technical services include vulnerability scanning, penetration testing, database assessments, social engineering, network security architecture assessments and wireless assessments.
Why choose Drummond?
There is a lot at stake. Our staff has deep experience in certification; we’re not cutting our teeth on your project. When you work with Drummond, you experience a team of highly skilled professionals that bring a code of honesty, empathy, and advocacy to each engagement. Our team will help you achieve compliance and certification and look for ways to help you pursue comprehensive compliance in the service of the greater good for your business.
We focus on quality from every angle. In many cases, our staff are the people who created the frameworks everyone else tests to. We bring an exclusive and proven methodology to each engagement and look for ways to improve and be more efficient at every step of the project. We take ownership and accountability of our work as we help you mitigate risk and achieve positive outcomes.
Ask any of our clients, they will tell you that the Drummond difference is its people. The people of Drummond listen carefully, and tailor solutions to your unique business and situation. Experience our team of highly skilled experts and proven methodologies and unique approach to help you achieve compliance for regulatory information security mandates. Our team will help you test critical applications for standards conformance and interoperability and gain certifications for your long-term success. Increase trust, gain expertise and experience our unique approach and attention to detail as we partner with you for your long-term success.