
Cyber Risk Management | Cybersecurity is a Team Sport
Sera-Brynn is a veteran-owned and operated cybersecurity firm focused on audits and assessments, cyber risk management, and incident response. The headquarters are in Chesapeake, Virginia, near the seven cities of Hampton Roads: Norfolk, Portsmouth, Hampton, Newport News, Suffolk, Chesapeake, and Virginia Beach. Our Compliance, Audit, Risk Control and Cyber Incident Response services have been trusted by organizations in every industry, of every size. ISO/IEC 17020:2012 and FedRAMP certified.


Security Controls Compliance Assessments


Sera-Brynn provides formal, comprehensive security assessments based on global and U.S. security frameworks and regulations. Sera-Brynn’s security controls assessments are a formal method to evaluate an organization’s security gaps and create a roadmap for closing those gaps.

Our certified assessors can:

  • Document technical and process deficiencies
  • Write documentation, including System Security Plans and Incident Response Plans
  • Perform formal risk assessments
  • Conduct vulnerability assessments and help interpret the results
  • Brief executives on the business implications of identified deficiencies
  • Evaluate and make recommendations on technology solutions and measures
  • Advise on compliance and regulatory standards
  • Provide ongoing consulting
  • Perform re-assessments
  • Perform security testing and training

Sera-Brynn has a range of assessment services against a breadth of compliance frameworks. Assessments can range from high-level gap assessments to full compliance assessments with policy documentation, technical scans, and remediation recommendations. Formal, independent “audits” and compliance validations are available.

Some of the frameworks we advise on and perform assessments against include:

  • FedRAMP
  • FISMA
  • HIPAA Security Rule
  • NIST SP 800-53
  • NIST SP 800-171
  • DFARS 7012
  • CMMC
  • GDPR
  • Model NAIC Regulations
  • PCI-DSS
  • SSAE-16 (SOC2)

Compliance Framework Mapping is available (e.g., mapping and/or leveraging completed assessments to support the completion of other security frameworks).

Assessment services include a full report with an executive summary, discussion of the assets at risk, documentation of the controls in place, and recommendations on how to address gaps based on the organization’s business or operational requirements.