Compliance
Summary
Building upon the robust features of our standard offering, we offer a supplemental program designed to address the awareness needs of companies juggling a variety of compliance mandates, contractual obligations or framework restrictions.
The varied requirements - including HIPAA, PCI, GLBA, Common Security Framework (CSF), ISO, FTC Red Flag and many others - can lead to a confusing, ad-hoc awareness program that is ineffective or, worse yet, non-compliant with one or more obligations.
North Wonders integrates this required content into your organization's larger awareness program. Users benefit from receiving consistent themes, messaging, and objectives - helping them to continually grow as well-rounded, security-minded individuals.
Content
In addition to the content delivered as part of our standard offering, North Wonders offers content designed to address the requirements of third-party agencies. Most companies work with data governed by either regulations or standards which lay out specific security awareness requirements. Dealing with healthcare, personally identifiable or credit card data comes with the obligation to train staff on relevant threats.
Because it uses common messaging and channels that users are already used to seeing, the delivery of awareness content pertaining to HIPAA, PCI and Red Flag is more meaningful and effective.
Gap Analysis
Keeping track of the varied requirements for an awareness program can be complicated. As part of this offering, North Wonders will perform a gap analysis to ensure your company is meeting regulatory, contractual or standards-based obligations for user awareness.
This process includes compiling requirements from the various applicable laws, frameworks, and standards. These requirements will be compared against the awareness-focused controls currently in place. The resulting document will then highlight any required components missing from your security awareness program.