top of page

NAICS CODES  541519  |  541618  |  541690  |  519190  |  541990

Cybercompliance and IT Risk Management


RisX will partner with your company to identify and reduce your cybersecurity risks and simplify compliance so that you can focus on growing your business and maintaining the trust of your clients, business partners, and employees.

Young Businesswomen


RisX LLC is a woman-owned, boutique cybercompliance and IT advisory firm providing tailored services to private and public sector organizations.

RisX makes addressing cybercompliance simple:

  • Client business mission is paramount; cybersecurity is not an end unto itself

  • No techno-babble – we explain in common sense business terms

  • No complexity – we make it practical



RisX has over 25 years of successfully providing highly tailored IT, Security, and Compliance solutions utilizing a broad knowledge of cybercompliance within diverse environments in both private and public entities across all market sectors.

RisX's Relevant Industry Certifications

  • CISSP – Certified Information Systems Security Professional​

  • PMP -  Project Management Professional

  • GPEN – GIAC Ethical Hacker​

  • GSLC – GIAC Security Leadership​

  • CISA – Certified Information Systems Auditor​

  • GLEG – GIAC Legal (Data Protection Laws)​

  • CFE – Certified Forensic Examiner

  • Lead ISO Auditor

RisX's Expertise in Industry Standards and Best Practices

  • NIST

  • ISO/IEC 27001

  • SANS Top 20 Critical Security Controls

  • PCI

  • Numerous others

 THE PROBLEM            

Rapidly Evolving Risks

Given how rapidly new technologies emerge and evolve, cybersecurity threats change at the same pace, and it can be hard for companies to keep up with cybercompliance requirements. 

Continued Costly Data Breaches

The average cost of a data breach to companies worldwide is $3.3 million and continues to climb year over year. These breaches lead to expanding cybercompliance requirements.

Complex Cybercompliance Requirements

Over 70% of companies are subject to compliance with more than five standards/ 

regulations within separate governing bodies, making it challenging for companies to normalize compliance efforts.

Cost of Compliance

In 2020, businesses spent $1.8 million on average to meet compliance requirements, and nearly half spend close to 20,000 hours annually maintaining compliance with multiple frameworks on six or more different systems.

Continuously Changing Threatscape

Based on the continuously changing cybersecurity threatscape, cybercompliance requirements are being updated regularly. 

 THE SOLUTION             

Tailored Services

Your company is unique and we recognize that your cybercompliance and IT needs are also. We tailor our services to fulfill your needs and fit within your overall business goals and budget.

Right-Sized Solutions

Solutions are not one-size-fits-all. We develop the most simple, yet effective solutions to fit your problems. We work with you to develop a solution that balances cost and benefit.

Practical Approach

RisX approaches each client engagement with the goal of providing a feasible and realistic scope of work which can be practically phased to meet the client requirements. 

While cybercompliance problems are often complex,

RisX provides simple, straight-forward solutions to managing these risks.

Our Services
Working with Laptops

Our Services

The support you need, when you need it, in the way you need it.  RisX provides custom solutions and flexible, scalable engagements. Our primary services focus on:


We combine our expertise from working with numerous clients in a variety of industries to help you build or mature and manage a customized Information Security Risk Management Program that's just right for you — and our staff has the capabilities and experience to actually do it.  This could include an on-going Program which will allow your company to proactively Identify, Respond to, and Manage IT Risks within the tolerances of the company.


RisX examines what organizations are doing to manage their cybersecurity risks in this dynamic and disruptive world of cybersecurity. We strategize, using smart tools and diverse resources, to understand the implications of every risk/reward decision.  We provide readiness assessments for ISO27K, NIST, GDPR, PCI, SOC and other attestation testing, as well as general risk assessments based on your industry requirements or unique business environment.

Remediation Support

We provide remediation support services to assist organizations in meeting their cybercompliance objectives. Based on the results of a readiness or risk assessment, RisX can provide the right resources to help remediate weaknesses in the environment to show compliance and secure the organization's information assets. 

Cybercompliance Roadmap of Services

Customized Risk Assessment

Conduct Risk Assessment based on organization's requirements (ISO27K, NIST, Top 20 CSC, GLBA, HIPAA, PCI, etc.)

Privacy Assessment

Compliance Testing

Identify Assessment Needs

Support Services

Obtain an understanding of your organization's individual cybercompliance needs (regulatory, contractual, best practices, etc.)


Most common assessments:

 - Risk Assessment

 - Compliance Testing

 - Privacy Assessment

 - Audit Readiness Prep

Assess the organization's privacy controls against all applicable regulations (State - CCPA, GDPR, etc.)

Based on the outcome of the Assessment(s), the organization may wish to engage us for remediation and/or other cybersecurity support services

Perform compliance testing for numerous cybersecurity frameworks in accordance with all organizational requirements

Audit Readiness Preparation

Conduct "mock audits“ and/or audit preparatory services for:  PCI, ISO27K, SOC2, NIST, CMMC, etc.


Gap Assessment ▪ Prioritized Remediation Roadmap ▪ Executive Summary of Risk Assessment ▪ Compliance Testing ▪ Privacy Assessments ▪ Compliance Crosswalk of Applicable Controls and Frameworks

Leaves Shadow

Meet The Team


Kelly Fuller-Gordon

Founder, Managing Director

Kelly has over 25 years of Information Technology, Risk Management, Cybersecurity and Compliance experience.  She founded RisX with the goal of providing simple, yet highly effective, solutions to complex cybercompliance problems.​


Prior to founding RisX , Kelly’s professional career spanned roles including CISO for an entertainment company, Head of Cybersecurity for a Tier 2 MSO Telecom Company, National Director of Risk Advisory Services at a professional consulting firm, and Information Security and Technology Risk Officer for a regional financial institution.

Her ability to clearly articulate information technology and cybersecurity information in clear business terms with no techno-babble is rare and with her strong leadership and communication skills, she ensures that RisX encapsulates the belief and ideal that every client should be treated as the most important client.

Cropped 3x4_edited.jpg

Rachelle Smith, PMP

Rachelle is a skilled professional with over 23 years of extensive business experience in multiple aspects of organizational development, process optimization, IT risk management/ cybersecurity program management, audit logistics, client relationship management, and project/program management within the private and public sectors across

multiple industries.


Nicole Landau, CFE, CCA

Nicole has more than 10 years of experience in governance, risk, and compliance roles across a wide range of industries.  She brings varied audit and advisory services to clients including, business risk assessment, internal control design and operating effectiveness, forensic investigation, and financial, operational,

and IT audits. 

KMartinez Pic.jpeg

Kaitlyn Martinez

Kaitlyn brings over 10 years of Information Technology, Business Process Optimization, Risk and Audit experience in support of clients within the finance/banking, entertainment and government markets.  

Law Consultation


The RisX Team has a broad base of clients across all industry sectors. 

Computer Store

FinancialCharles Schwab • First Data ​• Western Union ​• Bank of America • Empower Retirement • Security Finance Co ​• Cobiz Financial ​• Advance America • Sunflower Banks • The Madison Companies / Madison Ventures Plus

TechnologyUi Path (Cloud Elements) • LIVEwired • IntraNext • RSM Advisory Services

Utilities & Critical Infrastructure Wide Open West (ISP)​ • Duquesne Light Co​ • ConEdison (NYC)​ • National Renewable Energy Laboratory​ (NREL) • NASA​ • Tennessee Valley Authority (TVA)​ • Vectrus •  City of Boulder, Colorado

Healthcare - Yale University • Predictive Technology • PCM • Novir Wellness

Construction & Design Development - Angeles Madison Residential • Inline Management • DAE Group • Redfire Group

Manufacturing & EngineeringBall Corporation • Gates Corporation • Spectrum King LED

EntertainmentVirgin Produced​ • KAABOO, LLC​ • Madison Entertainment 2.0

RetailCura.te • Michaels Arts & Crafts

Our Clients


Don't let cybercompliance overwhelm you — contact RisX and discover how our services can benefit your company.



bottom of page