

Cybercompliance made easy
Phone: 720-201-4581

NAICS CODES 541519 | 541618 | 541690 | 519190 | 541990


ABOUT US
RisX LLC is a woman-owned, boutique cybercompliance and IT advisory firm providing tailored services to private and public sector organizations.
RisX makes addressing cybercompliance simple:
- Client business mission is paramount; cybersecurity is not an end unto itself
- No techno-babble – we explain in common sense business terms
- No complexity – we make it practical
EXPERIENCED
RisX has over 25 years of successfully providing highly tailored IT, Security, and Compliance solutions utilizing a broad knowledge of cybercompliance within diverse environments in both private and public entities across all market sectors.
RisX's Relevant Industry Certifications
- CISSP – Certified Information Systems Security Professional
- PMP – Project Management Professional
- GPEN – GIAC Ethical Hacker
- GSLC – GIAC Security Leadership
- CISA – Certified Information Systems Auditor
- GLEG – GIAC Legal (Data Protection Laws)
- CFE – Certified Forensic Examiner
- Lead ISO Auditor
RisX's Expertise in Industry Standards and Best Practices
- NIST
- ISO/IEC 27001
- SANS Top 20 Critical Security Controls
- PCI
- Numerous others
THE PROBLEM
Rapidly Evolving Risks
Given how rapidly new technologies emerge and evolve, cybersecurity threats change at the same pace, and it can be hard for companies to keep up with cybercompliance requirements.
Continued Costly Data Breaches
The average cost of a data breach to companies worldwide is $3.3 million and continues to climb year over year. These breaches lead to expanding cybercompliance requirements.
Complex Cybercompliance Requirements
Over 70% of companies are subject to compliance with more than five standards/regulations within separate governing bodies, making it challenging for companies to normalize compliance efforts.
Cost of Compliance
In 2020, businesses spent $1.8 million on average to meet compliance requirements, and nearly half spend close to 20,000 hours annually maintaining compliance with multiple frameworks on six or more different systems.
Continuously Changing Threatscape
Based on the continuously changing cybersecurity threatscape, cybercompliance requirements are being updated regularly.
THE SOLUTION
Tailored Services
Your company is unique, and we recognize that your cybercompliance and IT needs are as well. We tailor our services to fulfill your needs and fit within your overall business goals and budget.
Right-Sized Solutions
Solutions are not one-size-fits-all. We develop the simplest, yet effective, solutions to fit your problems. We work with you to develop a solution that balances cost and benefit.
Practical Approach
RisX approaches each client engagement with the goal of providing a feasible and realistic scope of work which can be practically phased to meet the client requirements.
While cybercompliance problems are often complex, RisX provides simple, straightforward solutions to managing these risks.

Our Services
The support you need, when you need it, in the way you need it. RisX provides custom solutions and flexible, scalable engagements. Our primary services focus on:
Advisory
We combine our expertise from working with numerous clients in a variety of industries to help you build or mature and manage a customized Information Security Risk Management Program that's just right for you — and our staff has the capabilities and experience to actually do it. This could include an on-going Program which will allow your company to proactively Identify, Respond to, and Manage IT Risks within the tolerances of the company.
Cybercompliance
RisX examines what organizations are doing to manage their cybersecurity risks in this dynamic and disruptive world of cybersecurity. We strategize, using smart tools and diverse resources, to understand the implications of every risk/reward decision. We provide readiness assessments for ISO27K, NIST, GDPR, PCI, SOC and other attestation testing, as well as general risk assessments based on your industry requirements or unique business environment.
Remediation Support
We provide remediation support services to assist organizations in meeting their cybercompliance objectives. Based on the results of a readiness or risk assessment, RisX can provide the right resources to help remediate weaknesses in the environment to show compliance and secure the organization's information assets.
Cybercompliance Roadmap of Services
Identify Assessment Needs
Obtain an understanding of your organization's individual cybercompliance needs (regulatory, contractual, best practices, etc.)
Most common assessments:
- Risk Assessment
- Compliance Testing
- Privacy Assessment
- Audit Readiness Prep
Customized Risk Assessment
Conduct Risk Assessment based on organization's requirements (ISO27K, NIST, Top 20 CSC, GLBA, HIPAA, PCI, etc.)
Privacy Assessment
Assess the organization's privacy controls against all applicable regulations (State - CCPA, GDPR, etc.)
Compliance Testing
Perform compliance testing for numerous cybersecurity frameworks in accordance with all organizational requirements
Audit Readiness Preparation
Conduct "mock audits" and/or audit preparatory services for: PCI, ISO27K, SOC2, NIST, CMMC, etc.
Support Services
Based on the outcome of the Assessment(s), the organization may wish to engage us for remediation and/or other cybersecurity support services
Deliverables
Gap Assessment ▪ Prioritized Remediation Roadmap ▪ Executive Summary of Risk Assessment ▪ Compliance Testing ▪ Privacy Assessments ▪ Compliance Crosswalk of Applicable Controls and Frameworks




Meet The Team

Kelly Fuller-Gordon
Founder, Managing Director
Kelly has over 25 years of Information Technology, Risk Management, Cybersecurity and Compliance experience. She founded RisX with the goal of providing simple, yet highly effective, solutions to complex cybercompliance problems.
Prior to founding RisX, Kelly's professional career spanned roles including CISO for an entertainment company, Head of Cybersecurity for a Tier 2 MSO Telecom Company, National Director of Risk Advisory Services at a professional consulting firm, and Information Security and Technology Risk Officer for a regional financial institution.
Her ability to articulate information technology and cybersecurity information in clear business terms, with no techno-babble, is rare. With her strong leadership and communication skills, she ensures that RisX encapsulates the belief and ideal that every client should be treated as the most important client.

Rachelle Smith, PMP
Director
Rachelle is a skilled professional with over 23 years of extensive business experience in multiple aspects of organizational development, process optimization, IT risk management/cybersecurity program management, audit logistics, client relationship management, and project/program management within the private and public sectors across multiple industries.

Nicole Landau, CFE, CCA
Director
Nicole has more than 10 years of experience in governance, risk, and compliance roles across a wide range of industries. She brings varied audit and advisory services to clients, including business risk assessment, internal control design and operating effectiveness, forensic investigation, and financial, operational, and IT audits.

Kaitlyn Martinez
Director
Kaitlyn brings over 10 years of Information Technology, Business Process Optimization, Risk and Audit experience in support of clients within the finance/banking, entertainment and government markets.

OUR CLIENTS
The RisX Team has a broad base of clients across all industry sectors.


Financial - Charles Schwab • First Data • Western Union • Bank of America • Empower Retirement • Security Finance Co • Cobiz Financial • Advance America • Sunflower Banks • The Madison Companies / Madison Ventures Plus

Technology - Ui Path (Cloud Elements) • LIVEwired • IntraNext • RSM Advisory Services

Utilities & Critical Infrastructure - Wide Open West (ISP) • Duquesne Light Co • ConEdison (NYC) • National Renewable Energy Laboratory (NREL) • NASA • Tennessee Valley Authority (TVA) • Vectrus • City of Boulder, Colorado

Healthcare - Yale University • Predictive Technology • PCM • Novir Wellness

Construction & Design Development - Angeles Madison Residential • Inline Management • DAE Group • Redfire Group

Manufacturing & Engineering - Ball Corporation • Gates Corporation • Spectrum King LED

Entertainment - Virgin Produced • KAABOO, LLC • Madison Entertainment 2.0

Retail - Cura.te • Michaels Arts & Crafts
Simplify...
Don't let cybercompliance overwhelm you — contact RisX and discover how our services can benefit your company.