top of page

Information Security
Program Development

The security and protection of information has become a critical priority for organizations. Nearly every industry has regulations defining standards and guidelines for the management and security of information, and many information security frameworks exist to provide direction (NIST Cybersecurity Framework and ISO 27000 are two examples of industry agnostic frameworks).

Information Security Programs may include the following components:

  • Governance Structure such as a Security Risk Management Committee

  • Information Security Strategy

  • Information Security Program Roadmap

  • Risk Assessment

  • Identification of Roles & Responsibilities

  • Security Infrastructure & Architecture Design

  • Security Awareness & Training

  • Policies & Procedures

  • NIST System Security Plans (SSP)

  • Risk Management

  • Vendor Security Management

  • Incident Response & Management

  • Business Continuity & Disaster Recovery Management

  • Tabletop Exercises

  • Asset Management

  • Security Program Metrics & Monitoring

  • Virtual / Fractional Information Security Officer / CISO

BluTinuity can assist your organization with developing or optimizing your Information Security Program in a way that is risk-focused and right-sized.

Children's Wisconsin

"Children’s Wisconsin (formerly Children's Hospital of Wisconsin) has partnered with BluTinuity for over 4 years as a trusted advisor in the devising of our Information Security strategy. Scott Owens remains a trusted advisor, and continues to assist in the refinement of Children's practices through Security Risk Assessments and further strengthening our Business Continuity Management (BCM) and Disaster Recovery Planning (DRP) programs. Many of the strides made in our practice over the past four years have been a direct effect of Scott’s experience and expertise in brainstorming solutions regarding these issues. Scott has proven himself an incredibly valuable business partner for Children's – we look forward to partnering with Scott and his team from BluTinuity for years to come."

Zinatt Technologies

"Zinatt has worked closely with Blutinuity for a few years now and we have enjoyed working with Scott as he prepared us for our SOC 2 audit. In working with Scott we are now SOC 2 Type II certified and HIPAA Compliant with the professional guidance he has provided us which is unparallel. We could not have done it without Scott and his knowledge in the tech security space. We will continue to use BluTinuity and would highly recommend to anyone looking to get their SOC 2 certification or any other security certifications/reports for their organization."

Benefit Services Group

"Scott Owens has been a friend of The Benefit Services Group (BSG®) for nearly a decade. BSG® recently hired BluTinuity to assist with closing some gaps in our information security program identified in an audit. BluTinuity has provided a structured yet flexible approach helping our team accomplish our goals at a pace within the context of our multi-year security strategy. BluTinuity has also provided a number of great templates as a starting point, and guided us through a smooth implementation. Scott’s client-based focus and commitment push us to get better at the management and protection of information security.  We appreciate his partnership and expertise. We would recommend his services to any organization needing assistance with the development of a security program."

Related Blog Posts:

bottom of page