Snapshot About Us

Cyber Risk Management | Cybersecurity is a Team Sport
Sera-Brynn is a veteran owned and operated, cybersecurity firm focused on audits and assessments, cyber risk management, and incident response. The headquarters are in Chesapeake, Virginia near the seven cities of Hampton Roads: Norfolk, Portsmouth, Hampton, Newport News, Suffolk, Chesapeake, and Virginia Beach. Our Compliance, Audit, Risk Control and Cyber Incident Response services have been trusted by organizations in every industry, of every size. ISO/IEC 17020:2012 and FedRAMP certified.

Working Hours

Monday - Friday 09:00AM-16:00PM
Saturday - Sunday CLOSED



Security Controls Compliance Assessments

compliance assessment. image of a laptop keyboard with the word "assessment" is written on one of the keys.

Sera-Brynn provides formal, comprehensive security assessments based on global and U.S. security frameworks and regulations. Sera-Brynn’s security controls assessments are a formal method to evaluate an organization’s security gaps and create a roadmap for closing those gaps.

Our Certified Assessors Can:

  • Document technical and process deficiencies
  • Write documentation, including System Security Plans and Incident Response Plans
  • Perform formal risk assessments
  • Conduct vulnerability assessments and help interpret the results
  • Brief executives on the business implication of identified deficiencies
  • Evaluate and make recommendations on technology solutions and measures
  • Advise on compliance and regulatory standards
  • Provide ongoing consulting
  • Perform re-assessments
  • Perform security testing and training

Sera-Brynn has a range of assessment services against a breadth or compliance frameworks. Assessment can range from high-level gap assessments to full compliance assessments with policy documentation, technical scans, and remediation recommendations. Formal, independent “audits” and compliance validations are available.

Some of the frameworks we advise on and perform compliance assessments against, include:

  • FedRAMP
  • HIPAA Security Rule
  • NIST SP 800-53
  • NIST SP 800-171
  • DFARS 7012
  • CMMC
  • GDPR
  • Model NAIC Regulations
  • SSAE-16 (SOC2)

Compliance Framework Mapping is available (e.g., mapping and/or leveraging completed assessments to support the completion of other security framework). Assessment services include a full report that includes an executive summary, discussion of the assets at risk, documentation of the controls in place, and recommendations on how to address gaps based on the organization’s business or operational requirements.

Need a comprehensive security assessment or want to learn more about our security controls assessments call or contact us today!

Follow Us!

Sera-Brynn Spooky Logo