• About Us
• Accounting & Tax
• Consulting
• Our Valued Clients
• Our Team

• Management Consulting
• Information Security and Compliance
• Technology Consulting
• Philosophy and Approach
• Value Proposition

Highlights

FDH Consulting is a Qualified Security Assessor

Security and Compliance Services to Protect Your Valuable Assets

Ever-evolving compliance requirements can be daunting without a trusted partner to analyze your business and find the most sensible approach.

Never before have security and compliance concerns been more important for organizations of all sizes, both public and private. FDH Consulting provides the expertise and resources to help you manage risks and meet a wide range of compliance requirements.

Business Continuity/Disaster Recovery – Unplanned and unexpected challenges to your business can be catastrophic if not properly planned and managed. Our services include planning, policy and procedure development, and testing for systems, facilities and key resources.

Enterprise Risk Management (ERM) – Whether responding to proxy requirements, ratings agencies or just wanting to better understand and manage your risks, we’ll conduct thorough ERM interviews and surveys to evaluate your company’s risk profile. We’ll also help you improve your risk mitigating activities.

GLBA – We’ll help financial institutions meet requirements of the Gramm-Leach-Bliley Act to protect the nonpublic personal information of their customers.

HIPAA / HITECH – We’ll help you find the best approach to comply with the rigorous and far-reaching privacy and security regulations. New HITECH regulations have expanded the reach and raised the bar for these regulations, including expanded responsibilities for business associates (BA).

Identity Management Solutions – We will help you select the right tools and implement the solution or review or properly configure your existing application.

IT Risk Advisory – The need and challenges of effective IT risk management have never been greater or more challenging. Increasingly, companies are opting for network penetration tests to identify risks or weaknesses and improve the security profile of your organization.

• Network Penetration Tests
• Network Security Reviews
• Risk Assessments
• Vulnerability Assessments
• Web Application Penetration Test

PCI – As a Qualified Security Assessor (QSA), we assist with all phases of compliance, including the performance of network penetration tests.

• Pre-assessments
• Self-assessment questionnaire (SAQ)
• Report on Compliance (ROC)
• Penetration Tests
• Remediation

Sarbanes-Oxley (Section 404) – Our knowledgeable accounting and technology resources and extensive experience with Sarbanes-Oxley (SOX) projects offer the solutions and practical guidance your company needs.

SAS 70 (SSAE 16)/ WebTrust™ / SysTrust™* – The need for assurance is ever increasing. Companies turn to us because of our experience with internal controls, but even more important for finding the best and most efficient path to meet these obligations. For Companies considering an assurance program, such as a SAS 70, we can complete a Readiness Assessment to identify compliance gaps and work with you to help resolve them.

• Security Information and Event Management (SIEM) Solutions – We will provide the expertise to help you select and implement the right solutions for your business. We can assist in selecting the right application for your needs and budget as well as implement and maintain the solution.

Software License Audits – Avoid costly payments from improper software usage by working with us to ensure license compliance or help with a vendor license audit.

*SAS 70 / WebTrust / SysTrust services provided by Frasier, Dean & Howard, PLLC.