Solid policies, standards, procedures and practices provide the foundation of an effective information security program only when they are well documented and consistently enforced. Periodic tests and controls reviews ensure that the organization meets its information security objectives and properly documents those efforts.


Federal and state laws and regulations, coupled with complex industry-specific rules, have created compliance requirements that may seem overwhelming to many organizations. Security Compliance Associates has helped hundreds of diverse clients achieve their respective compliance goals. When it comes to information security requirements, contact SCA. We guarantee your information security compliance.


Identifying and evaluating risks and vulnerabilities are critical steps in establishing an effective information security program. Security Compliance Associates’ skilled professionals can help your organization identify and evaluate risks, and determine effective strategies for eliminating unnecessary risks and managing those risks that cannot be eradicated.

Security Compliance Associates

Security Compliance Associates brings a strong team of experienced professionals to deliver superior services coupled with an unparalleled partnership approach. The team has provided security-related services to hundreds of financial institutions, healthcare providers, municipalities and many businesses required to safeguard critical information, regardless of media. Our broad and deep solutions cover the latest regulatory requirements and the security threat environment that pose risk to the success of your organization. At SCA, we provide individual customized programs based on the size and complexity of your organization. Let SCA be your partner in meeting the ongoing and ever-changing challenges of information security and compliance.

Agency guidance followed includes, but is not limited to:

  • Gramm-Leach-Bliley Act
  • FFIEC, NCUA Reg 748
  • FDIC, OCC, SEC, FINRA and other agency guidance
  • HIPAA Security Rule 45 CFR Parts 160 & 164
  • HITECH Act
  • OCR
  • American Land and Title Association (ALTA) Best Practices Pillars 1 – 7

Methodologies followed include, but are not limited to:

  • NIST SP 800-30, 800-53, 800-53(A), 800-66
  • NIST Cybersecurity Framework
  • FFIEC Cybersecurity Assessment Tool
  • CIS Critical Security Controls
  • ISO 27001