Overview of Other Regulatory Compliance

For small to medium-sized businesses with limited resources, understanding the intricacies of regulations makes compliance a difficult and time-consuming task. Additionally, the ever-increasing requirements of recent legislation governing the security and privacy of sensitive information, both commercial and personal, affect businesses in most industries. Spry Control offers a comprehensive set of services, supported by a team of subject matter experts, that can help small to medium businesses comply with the applicable regulatory guidelines. Spry Control has a standard methodology for regulatory compliance that may include all or some of the following components:
  • Establishment of a framework and associated expertise to address key business risks, including a monitoring function to independently verify the execution of ongoing risk mitigation activities as Governance Support
  • Evaluation of the current state in relation to the established regulatory compliance as part of Readiness Assessment, and identification of any gaps and development of an actionable plan to correct them for Remediation Support
  • Design of an action plan to customize and implement the controls required to achieve compliance for Implementation Support
  • Oversight of your compliance programs, using industry best practices and Spry Control's extensive knowledge base as Oversight Support
  • Assessment of internal and external security vulnerabilities
  • Assistance with the implementation of administrative and technical recommendations
Our Regulatory Compliance

Spry Control is actively involved in providing Sarbanes-Oxley compliance services to clients. In addition, Spry Control helps clients, mostly small to medium businesses, comply with the regulations listed below:
  • The Gramm-Leach-Bliley Act (GLBA): compliance is mandatory for financial institutions, which must have a policy and supporting infrastructure to protect consumers' nonpublic information from foreseeable threats to security and data integrity. GLBA requires financial institutions (defined broadly to include several businesses) to follow these rules:
      • The Financial Privacy Rule requires them to provide each consumer with a privacy notice at least annually. The privacy notice must explain how consumer information is collected, shared, used, and protected. The consumer has the right to opt out, and unaffiliated parties are held accountable to the terms of the privacy policy.
      • The Safeguards Rule mandates a risk analysis of their current processes and the development of a written information security plan that describes how the company is prepared to protect, and plans to continue protecting, clients' nonpublic personal information.
      • Risk analysis of the current processes and exchange of information with unaffiliated institutions
  • Anti-Money Laundering (AML) refers to the legal controls that require financial institutions and other regulated entities to prevent or report money laundering activities and to report transactions of a suspicious nature. Spry Control helps clients streamline the due diligence process by having proof of a customer's identity and proof that the use, source and destination of funds do not involve money laundering (AML) or terrorist financing (Anti-Terrorist Financing, ATF).
      • Spry Control automates the process with software applications that effectively monitor bank customer transactions on a daily basis and, using customer historical information and account profile, provide a "whole picture" to the bank management.
      • Monitor and test Suspicious Activity Reports (SAR) and Cash Transaction Reports (CTR) to assess the effectiveness of the internal processing and of policy enforcement.
      • Help implement appropriate due diligence measures to fulfill the Customer Acceptance Policy (CAP).
      • Remediation of any gaps identified in the above process.
  • We help healthcare clients comply with Title II of the Health Insurance Portability and Accountability Act (HIPAA), more specifically:
      • Implement and assess Privacy Rules to assure confidentiality and proper control to guard against unauthorized disclosure of Patient Health Information (PHI).
      • Implement and facilitate correct EDI transaction sets in a secure and reliable manner.
      • Review, assess and remediate administrative, physical and technical (hardware and software) security measures to comply with required and addressable security standards under Security Rules. This review extends to application controls and IT General Controls.
  • Businesses and government agencies storing personal information on California residents have to implement safety procedures under California's Database Security Breach Notification Act (SB 1386 for short) that safeguard the data and disclose any breach of security to the individuals affected. Spry Control helps clients assess the current state and develop a remediation plan to comply with SB 1386 or other privacy laws:
      • SB 1386 requires encryption of personally identifiable information to avoid penalties under its strict security breach requirements. This specifically created exemption testifies to the protection that encryption provides. When sensitive data is encrypted, it is still protected even if it falls into the wrong hands.
      • Implement an ability to secure files exported to removable media.
      • Preparation of procedures and supporting documentation for advising customers of any security breach involving customer privacy data, and organizational arrangements to handle queries and exchange information to avoid any penalties.

