NAICS CODES 541519 | 541618 | 541690 | 519190 | 541990
RisX LLC is a woman-owned, boutique cybercompliance and IT advisory firm providing tailored services to private and public sector organizations.
RisX makes addressing cybercompliance simple:
- Client business mission is paramount; cybersecurity is not an end unto itself
- No techno-babble – we explain in common sense business terms
- No complexity – we make it practical
RisX has over 25 years of successfully providing highly tailored IT, Security, and Compliance solutions utilizing a broad knowledge of cybercompliance within diverse environments in both private and public entities across all market sectors.
RisX's Relevant Industry Certifications
CISSP – Certified Information Systems Security Professional
PMP – Project Management Professional
GPEN – GIAC Ethical Hacker
GSLC – GIAC Security Leadership
CISA – Certified Information Systems Auditor
GLEG – GIAC Legal (Data Protection Laws)
CFE – Certified Forensic Examiner
Lead ISO Auditor
RisX's Expertise in Industry Standards and Best Practices
SANS Top 20 Critical Security Controls
Rapidly Evolving Risks
New technologies emerge and evolve rapidly, and cybersecurity threats change at the same pace, making it hard for companies to keep up with cybercompliance requirements.
Continued Costly Data Breaches
The average cost of a data breach to companies worldwide is $3.3 million and continues to climb year over year. These breaches lead to expanding cybercompliance requirements.
Complex Cybercompliance Requirements
Over 70% of companies are subject to compliance with more than five standards/regulations within separate governing bodies, making it challenging for companies to normalize compliance efforts.
Cost of Compliance
In 2020, businesses spent $1.8 million on average to meet compliance requirements, and nearly half spend close to 20,000 hours annually maintaining compliance with multiple frameworks on six or more different systems.
Continuously Changing Threatscape
Because the cybersecurity threatscape changes continuously, cybercompliance requirements are updated regularly.
Your company is unique, and we recognize that your cybercompliance and IT needs are too. We tailor our services to fulfill your needs and fit within your overall business goals and budget.
Solutions are not one-size-fits-all. We develop the simplest, yet effective, solutions to fit your problems. We work with you to develop a solution that balances cost and benefit.
RisX approaches each client engagement with the goal of providing a feasible and realistic scope of work which can be practically phased to meet the client requirements.
While cybercompliance problems are often complex, RisX provides simple, straightforward solutions to managing these risks.
The support you need, when you need it, in the way you need it. RisX provides custom solutions and flexible, scalable engagements. Our primary services focus on:
We combine our expertise from working with numerous clients in a variety of industries to help you build or mature and manage a customized Information Security Risk Management Program that's just right for you — and our staff has the capabilities and experience to actually do it. This could include an on-going Program which will allow your company to proactively Identify, Respond to, and Manage IT Risks within the tolerances of the company.
RisX examines what organizations are doing to manage their cybersecurity risks in this dynamic and disruptive world of cybersecurity. We strategize, using smart tools and diverse resources, to understand the implications of every risk/reward decision. We provide readiness assessments for ISO27K, NIST, GDPR, PCI, SOC and other attestation testing, as well as general risk assessments based on your industry requirements or unique business environment.
We provide remediation support services to assist organizations in meeting their cybercompliance objectives. Based on the results of a readiness or risk assessment, RisX can provide the right resources to help remediate weaknesses in the environment to show compliance and secure the organization's information assets.
Cybercompliance Roadmap of Services
Customized Risk Assessment
Conduct Risk Assessment based on organization's requirements (ISO27K, NIST, Top 20 CSC, GLBA, HIPAA, PCI, etc.)
Identify Assessment Needs
Obtain an understanding of your organization's individual cybercompliance needs (regulatory, contractual, best practices, etc.)
Most common assessments:
- Risk Assessment
- Compliance Testing
- Privacy Assessment
- Audit Readiness Prep
Assess the organization's privacy controls against all applicable regulations (State - CCPA, GDPR, etc.)
Based on the outcome of the Assessment(s), the organization may wish to engage us for remediation and/or other cybersecurity support services
Perform compliance testing for numerous cybersecurity frameworks in accordance with all organizational requirements
Audit Readiness Preparation
Conduct "mock audits" and/or audit preparatory services for: PCI, ISO27K, SOC2, NIST, CMMC, etc.
Gap Assessment ▪ Prioritized Remediation Roadmap ▪ Executive Summary of Risk Assessment ▪ Compliance Testing ▪ Privacy Assessments ▪ Compliance Crosswalk of Applicable Controls and Frameworks
Meet The Team
Founder, Managing Director
Kelly has over 25 years of Information Technology, Risk Management, Cybersecurity and Compliance experience. She founded RisX with the goal of providing simple, yet highly effective, solutions to complex cybercompliance problems.
Prior to founding RisX, Kelly's professional career spanned roles including CISO for an entertainment company, Head of Cybersecurity for a Tier 2 MSO Telecom Company, National Director of Risk Advisory Services at a professional consulting firm, and Information Security and Technology Risk Officer for a regional financial institution.
Her ability to articulate information technology and cybersecurity information in clear business terms, with no techno-babble, is rare. With her strong leadership and communication skills, she ensures that RisX embodies the belief and ideal that every client should be treated as the most important client.
Rachelle Smith, PMP
Rachelle is a skilled professional with over 23 years of extensive business experience in multiple aspects of organizational development, process optimization, IT risk management/cybersecurity program management, audit logistics, client relationship management, and project/program management within the private and public sectors across
Nicole Landau, CFE, CCA
Nicole has more than 10 years of experience in governance, risk, and compliance roles across a wide range of industries. She brings varied audit and advisory services to clients, including business risk assessment, internal control design and operating effectiveness, forensic investigation, and financial, operational, and IT audits.
Kaitlyn brings over 10 years of Information Technology, Business Process Optimization, Risk and Audit experience in support of clients within the finance/banking, entertainment and government markets.
The RisX Team has a broad base of clients across all industry sectors.
Financial - Charles Schwab • First Data • Western Union • Bank of America • Empower Retirement • Security Finance Co • Cobiz Financial • Advance America • Sunflower Banks • The Madison Companies / Madison Ventures Plus
Technology - UiPath (Cloud Elements) • LIVEwired • IntraNext • RSM Advisory Services
Utilities & Critical Infrastructure - Wide Open West (ISP) • Duquesne Light Co • ConEdison (NYC) • National Renewable Energy Laboratory (NREL) • NASA • Tennessee Valley Authority (TVA) • Vectrus • City of Boulder, Colorado
Healthcare - Yale University • Predictive Technology • PCM • Novir Wellness
Construction & Design Development - Angeles Madison Residential • Inline Management • DAE Group • Redfire Group
Manufacturing & Engineering - Ball Corporation • Gates Corporation • Spectrum King LED
Entertainment - Virgin Produced • KAABOO, LLC • Madison Entertainment 2.0
Retail - Cura.te • Michaels Arts & Crafts