Virtual CIO & Outsourced Chief Information Officer Services

In search of a virtual CIO/outsourced Chief Information Officer that can help save your business both time and money? Tired of the high-turnover with I.T. professionals and the high-salaries you have to pay for such services? We hear you loud and clear, and its why FLANK offers comprehensive virtual CIO/outsourced Chief Information Officer services to businesses all throughout North America, and beyond.

Regulatory compliance is here to stay, forcing businesses to spend considerable efforts in becoming – and staying – compliant with the alphabet soup of laws, regulations, and industry specific mandates.

Benefits of FLANK’s Virtual CIO Services

Immense Cost Savings: Saving tens of thousands of dollars each year on regulatory compliance costs is one of the real benefits of FLANK’s virtual CIO services and solutions. Just think – no expensive, six-figure payroll. No expenses relating to health and wellness and 401K expenses. With FLANK, you’ll receive a simple fixed fee each month, or an hourly agreed upon fee. Saving time and money, while also hiring the best and brightest in terms of a CIO are the real benefits when it comes to working with FLANK.

Efficiency and Expertise: FLANK’s team of virtual CIO’s are well-trained, well-educated, with years of relevant information technology, InfoSec, and cybersecurity expertise. With our personnel, there’s no “on the job training” needed. In fact, many of our personnel have extensive experience with Fortune 2000 companies, but also small, startup organizations.

Use Us ONLY When You Need Us: From a few hours a week to fifty + hours a week, or more, FLANK has the flexibility for meeting all of your CIO needs. What’s more, we also offer extensive regulatory compliance expertise for today’s demanding audits, such as PCI DSS, SOC 1/SOC 2, HIPAA, GDPR, and much more.

Continue reading
  4 Hits
4 Hits

Penetration Testing Companies San Antonio, TX | Fixed Fees

Looking for penetration testing companies in San Antonio, TX, then consider FLANK, a leading provider of network, cloud, wireless, and application penetration testing services for businesses throughout San Antonio. Simply complete FLANK’s quick-and-easy Penetration Testing Scoping Questionnaire today to receive a quote.

FLANK offers the following penetration testing services for San Antonio businesses:

Reconnaissance, Intelligence and Open Source Intelligence Gathering (OSINT):Network Penetration TestingWebsite Application Penetration TestingApplication Penetration TestingCloud Penetration Testing (Amazon AWS, Azure, And Google Cloud Platform)Client-Side Penetration TestingWireless Penetration TestingSocial Engineering Penetration TestingBlack Box TestingWhite Box TestingGrey Box TestingPenetration testing for all types of regulatory compliance mandates

San Antonio – and the rest of the Texas Hill Country – are growing like never before, which also means that new companies establishing business will require penetration testing services against one’s in-scope information technology environment. FLANK’s penetration testers – and the services we provide – take place right here in Texas, nowhere else. We do not outsource any of our work like some providers, and we do not hire contract workers to perform penetration testing. It’s all in-house, which allows us to ensure a high degree of customer satisfaction, and security of our client’s information.

Learn About FLANK’s 5 Phases of Penetration TestingPhase I: Information Gathering and Planning: Phase I essentially involves properly scoping the penetration test in terms of information systems, goals, the type of testing to be performed (for which there are many).Phase II: Scanning: For Phase II, the pen tester can then begin “scanning”, a process of probing external/perimeter and/or internal devices for determining security flaws and weaknesses.Phase III: Simulated Attacks for Access: For Phase III, the pen tester can begin the process of actually exploiting the in-scope environment for the purpose of gaining access.Phase IV: Assessment of Access: This is where the “rubber meets the road” in terms of penetration testing as our pen tester begins the process of trying to exploit your network. Was he/she successful or were their adequate security safeguards in place? We won’t know until we perform access testing.Phase V: Post Penetration Testing Analysis & Recommendations: Getting the results you need, and in a format that’s comprehensive, easy-to-understand, and includes a detailed assessment of our findings is what we provide with our Phase VI pen test reporting.

Penetration testing is absolutely essential for many businesses in San Antonio, due primarily to the massive growth in regulatory compliance, but also for ensuring information security best practices are in place. It’s a dangerous world we all live in, with massive cybersecurity threats looming each and every day. You need to protect your network at all times, which means performing annual penetration testing from a proven and trusted provider in Texas, and that’s FLANK. Imagine the consequences of your network being hacked and sensitive client and/or consumer data being stolen? Unfortunately, it’s happening every day.

FLANK – San Antonio’s Penetration Testing Experts

Do you need a network, cloud, application layer, or wireless penetration test? Looking for a competent, well-trained, U.S. based firm for penetration testing services? Then get to know FLANK, Texas’ leading provider of high-quality penetration testing services for businesses in and around San Antonio. Much like Austin, San Antonio and the greater surrounding Texas Hill Country is experiencing phenomenal growth, which also means massive regulatory compliance and security requirements being imposed on businesses.

Continue reading
  4 Hits
4 Hits

Penetration Testing Services for Austin, TX Businesses

FLANK offers comprehensive, fixed-fee penetration testing services for Austin, TX businesses. Growing regulatory compliance reporting often requires annual penetration testing to be conducted for PCI DSS compliance, HIPAA, SOC reporting, FISMA, and more.

FLANK offers the following penetration testing services for Austin businesses (get a free quote on penetration testing services today with our easy-to-complete online portal):

Reconnaissance, Intelligence and Open Source Intelligence Gathering (OSINT)Network Penetration TestingWebsite Application Penetration TestingApplication Penetration TestingCloud Penetration Testing (Amazon AWS, Azure, And Google Cloud Platform)Client-Side Penetration TestingWireless Penetration TestingSocial Engineering Penetration TestingBlack Box TestingWhite Box TestingGrey Box TestingPenetration testing for all types of regulatory compliance mandates

And not all penetration testing services are alike, not at all. With FLANK, all of our penetration testers – and testing activities – take place right here in Texas, and nowhere else. Many other companies boast of great fees and great services, but dig deeper, and they’re often using third-party contract services outside of the country. Do you really want to be giving sensitive credential information to a company outside of the country? Probably not, so turn to Austin’s penetration testing experts today at FLANK. To learn more, please complete our penetration Testing Scoping Questionnaire today to receive a quote.

Looking for the very best in penetration testing services in Austin, TX, a proven provider with great service and great fees? Then contact us today at This email address is being protected from spambots. You need JavaScript enabled to view it., or simply complete FLANK’s quick-and-easy Penetration Testing Scoping Questionnaire today to receive a quote.

Learn About FLANK’s 5 Phases of Penetration TestingPhase I: Information Gathering and Planning: Phase I essentially involves properly scoping the penetration test in terms of information systems, goals, the type of testing to be performed (for which there are many).Phase II: Scanning: For Phase II, the pen tester can then begin “scanning”, a process of probing external/perimeter and/or internal devices for determining security flaws and weaknesses.Phase III: Simulated Attacks for Access: For Phase III, the pen tester can begin the process of actually exploiting the in-scope environment for the purpose of gaining access.Phase IV: Assessment of Access: Phase IV is where all the action happens when it comes to penetration testing. After all, this is where the pen tester actually begins the process of trying to exploit and compromise your systems. How successful was the pen tester in gaining access to sensitive client and corporate data? What security checks were in place for preventing access? The answers will come during this stage, and sometimes you may not like the results. Regardless, its why you perform pen testing – to determine the maturity of your controls, or lack thereof.Phase V: Post Penetration Testing Analysis & Recommendations: FLANK provides highly comprehensive, easy-to-interpret pen test results for your organization.

FLANK’s phased approach for penetration testing services are comprehensive, efficient, and top-notch. We want to ensure your organization is safe and secure from the constant threat of hackers and other nefarious attack vectors, so contact us today to learn more. Penetration testing is now a must for thousands of businesses throughout the Austin, TX area, due largely to regulatory compliance and growing security concerns. We have the expertise and manpower for conducting any type of penetration test you need, so let’s talk today.

Continue reading
  14 Hits
14 Hits

Network Penetration Testing Services Company – Fixed Fees

FLANK, a leader in cybersecurity & compliance, is a well-respected penetration testing services company offering industry leading pen tests for businesses all throughout North America. To learn more about our services, please complete our Penetration Testing Scoping Questionnaire today.

Penetration testing is absolutely essential for tens of thousands of businesses, and FLANK offers the following types of pen tests:

Reconnaissance, Intelligence and Open Source Intelligence Gathering (OSINT)Network Penetration Testing“External” Network Penetration Testing“Internal” Network Penetration Testing“Network Layer” Penetration Testing“Application Layer” Penetration TestingWebsite Application Penetration Testing Application Penetration TestingCloud (SaaS, PaaS, and IaaS) Penetration TestingClient-Side Penetration TestingWireless Penetration TestingSocial Engineering Penetration TestingBlack Box TestingWhite Box TestingGrey/Gray Box TestingNorth America’s Leading Provider of Penetration Testing Services

From growing regulatory compliance mandates – such as PCI DSS, HIPAA, FISMA compliance, and more – to putting in place information security best practices, penetration testing is now a must for businesses all throughout North America. FLANK has the expertise and manpower for all of your penetration testing needs. Additionally, we offer fixed-fees, rapid report turnaround, and more. To learn more about our services, please complete our Penetration Testing Scoping Questionnaire today.

Reconnaissance, Intelligence and Open Source Intelligence Gathering (OSINT)

Reconnaissance, Intelligence and Open Source Intelligence Gathering (OSINT), while not an actual type of penetration test, OSINT is more of an essential initiative that must be undertaken for every penetration test performed. OSINT, as the name implies, requires a pen tester to undertake comprehensive measures for learning all about the in-scope environment/target systems that will be pen tested. The more a pen tester knows – especially for white box testing – the more value the test is, the safer the test is, and the more meaningful the results are.

A capable pen tester will take the time to learn everything they can for ensuring maximum benefits of the pen test performed. What’s more, when performed correctly, OSINT initiatives can actually identify security issues, gaps, and weaknesses within one’s environment before the pen test begins. 

Continue reading
  14 Hits
14 Hits

Different Phases and Stages of Penetration Testing

Learn more about the different phases and stages of penetration testing services, along with the different types of penetration tests that can be performed, courtesy of FLANK, a leading provider of cloud/SaaS, network, application, and social engineering penetration testing services. To learn more about our services, please complete our Penetration Testing Scoping Questionnaire today.

5 Phases of Penetration Testing

Phase I: Information Gathering and Planning: This phase involves properly scoping the penetration test in terms of information systems, goals, the type of testing to be performed (for which there are many). Additionally, this phase also includes gathering all necessary information and intelligence for ensuring the actual pen tester has sound knowledge of the in-scope environment/target host. The greater the understanding of the environment, the more meaningful the testing results, hence the importance of proper scoping.

Communication is the key during the information and gathering stage as both the pen tester and the client need to be very clear and in agreement on a wide-range of issues. Aggressive pen testers can actually damage an organization’s production environment. Likewise, clients who fail to provide a full and transparent understanding of one’s in-scope environment to a pen tester can result in a myriad of challenges. One of the keys for removing such issues is completing a comprehensive, well-written Penetration Testing Scoping Questionnaire.

Phase II: Scanning: Upon gaining a solid understanding of the in-scope environment, the pen tester can then begin “scanning”, a process of probing external/perimeter and/or internal devices for determining security flaws and weaknesses. Examples of such flaws generally include open ports and services, systems that have vulnerable operating systems and applications (largely due to patch management being ignored). In summary, a well-skilled pen tester provider – such as FLANK – is actively looking for holes to penetrate in your network – and quite often – we unfortunately find them. Note: “Scanning” is also known as Threat Modeling, Vulnerability Identification, or any other number of similar phrases.

Phase III: Simulated Attacks for Access: With possible security flaws and weaknesses now identified, the pen tester can begin the process of actually exploiting the in-scope environment for the purpose of gaining access. Once access is obtained, the pent tester will then push to see how far and deep they can go. Sometimes, access is limited, however, often they find themselves being able to access highly sensitive files and data. It’s important to ensure that scoping has been properly established for ensuring just how far and deep you want a pen tester to go.

Continue reading
  32 Hits
32 Hits

Network Penetration Testing Dallas, TX | Flat Fees

FLANK is a leading provider of penetration testing services for businesses all throughout the Dallas-Fort Worth metroplex. Founded by Texans who have a sincere passion for providing high-quality security, compliance, and governance solutions to Texas businesses, FLANK has been assisting Dallas businesses for years with comprehensive penetration testing services and solutions. Complete our quick-and-easy Penetration Testing Scoping Questionnaire today to receive a quote.

Penetration Testing for Security & Compliance Reporting

Perhaps PCI DSS compliance is requiring your organization to perform a pen test. Or maybe security best practices are pushing you forward in performing annual penetration testing. Whatever your needs are, FLANK is Dallas’ leading provider of penetration testing services, offering the following tests:

Reconnaissance, Intelligence and Open Source Intelligence Gathering (OSINT)Network Penetration TestingWebsite Application Penetration TestingApplication Penetration TestingCloud Penetration Testing (Amazon AWS, Azure, And Google Cloud Platform)Client-Side Penetration TestingWireless Penetration TestingSocial Engineering Penetration TestingBlack Box TestingWhite Box TestingGrey Box TestingPenetration testing for Regulatory Compliance Mandates

It’s just amazing – astonishing, really – how much information technology continues to change and ultimately advance our lives. Simplicity and efficiency are now trademarks in so many things we do every day. From checking bank account balances to online grocery shopping, technology is everywhere today. Yet these very information systems that power our lives are also susceptible to growing cybersecurity attacks, and its why penetration testing has become such a common requirement.

After all, penetration testing is one of the very best measures for assessing the safety and security of one’s information technology architecture, and FLANK is Dallas’ leading provider of penetration testing services. Complete FLANK’s Penetration Testing Scoping Questionnaire today to receive a quote.

Network Penetration Testing Dallas, TX – Talk to FLANK

Penetration testing has become an annual requirement for thousands of businesses throughout the DFW area, and FLANK has the expertise, manpower, and capabilities for providing high-quality, fixed-fee penetration testing services. The Dallas economy is booming – and it’s only going to get bigger – which also means that regulatory compliance and security requirements will ultimately mandate pen testing for businesses all throughout the DFW area.

Continue reading
  24 Hits
24 Hits

Penetration Testing Company for Houston, TX Businesses – Flat Fees

Looking for penetration testing companies in Houston? Then turn to FLANK, one of Texas’ leading providers of comprehensive penetration testing services. We’ve performed hundreds of penetration tests for businesses all throughout the Lone Star State, offering set fees for a wide-range of penetration testing services. FLANK’s founders are native Texans, so we know H-Town inside and out, from the Woodlands to Sugarland, Kingwood to Katy.

Complete our quick-and-easy Penetration Testing Scoping Questionnaire today to receive a quote.

FLANK offers the following penetration testing services for Houston businesses:Reconnaissance, Intelligence and Open Source Intelligence Gathering (OSINT)Network Penetration TestingWebsite Application Penetration TestingApplication Penetration TestingCloud (SaaS, PaaS, and IaaS) Penetration TestingClient-Side Penetration TestingWireless Penetration TestingSocial Engineering Penetration TestingBlack Box TestingWhite Box TestingGrey Box TestingPenetration testing for all types of regulatory compliance mandatesHouston’s Penetration Testing Leader – Flat Fees

Services offered include White Box, Black Box, Grey/Gray Box testing, accompanied by internal, external, network layer, and application layer penetration testing, and much more. Whatever type of penetration test you need, FLANK delivers, on time, on budget, and without compromising critical systems within your development and/or production environment.

Bottom line, we do penetration testing the right way. After all, after performing literally hundreds of tests, we’ve put in place a methodology that’s efficient, comprehensive, yet also safe. When you’re looking for penetration testing companies in Houston, TX – or anywhere in the Lone Star State – talk to FLANK. Simply complete FLANK’s Penetration Testing Scoping Questionnaire today.

Comprehensive Penetration Testing Services for Houston Businesses

FLANK offers the following comprehensive penetrating testing services for Houston, TX businesses – all at fixed-fees:

Continue reading
  17 Hits
17 Hits

Gramm Leach Bliley (GLBA) and 23 NYCRR 500 Audit, Assessment, Compliance and Consulting Services

FLANK provides industry leading Gramm-Leach-Bliley (GLBA) and 23 NYCRR 500 audit, assessment, compliance, and consulting services to businesses throughout North America. With years of working in the highly regulated financial services and consumer services industry, FLANK offers an award winning GLBA Compliance Packet for helping financial services firms ensure rapid and complete compliance with all necessary provisions of the Gramm Leach Bliley Act.

Available for instant download, businesses will receive the following documentation contained within the GLBA Compliance Policy Packet from FLANK:

1. GLBA Information Security Program Template: The “GLBA Information Security Program” Template is the actual document that outlines an organization’s policies, procedures, and processes relating to GLBA compliance. It’s been developed exclusively by FLANK, and it’s an easy and convenient way to showcase compliance to customers, prospects, federal regulators, and other interested parties.

2. Information Security Policies and Procedures Manual: The true framework of any regulatory compliance mandate – especially GLBA compliance – are information security policies and procedures. Our GLBA Compliance Policy Packet comes complete with an in-depth set of policies and procedures that are robust, easy-to-use, and high-quality.

3. Employee Security Awareness Training Packet: What’s the very best way for ensuring the safety and security of organizational assets throughout an enterprise, while also sufficing for GLBA compliance – security awareness training – and it’s why our GLBA Compliance Policy Packet includes in-depth, comprehensive, and up-to-date security training materials. We offer a security awareness training manual for properly training and educating your employees on critical security issues, threats, and best practices for today’s cybersecurity world.

Continue reading
  52 Hits
52 Hits

DFARS NIST 800 171 Compliance Consultants for Washington DC, Northern Virginia, MD

FLANK provides comprehensive DFARS NIST 800-171 compliance services to federal contractors throughout the greater Washington D.C. metropolitan area, including Baltimore, Northern Virginia, and other surrounding locations.

The Department of Defense has begun a huge push for ensuring that federal contractors are in compliance with the new DFARS mandates; provisions that require implementation of NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations. Many contractors are understandably overwhelmed when it comes to DFARS compliance – specifically – what systems are actually in scope and what steps are necessary for implementation of NIST SP 800-171?

DFARS NIST 800 -71 Compliance from Northern Virginia’s Federal Compliance Experts

Are you a federal contractor – prime or sub – located in the Washington, D.C., Northern Virginia, or Baltimore area in need of much-needed guidance and support services regarding DFARS compliance in accordance with the NIST SP 800-171 provisions? If so, then you’ll need to be aware of the following subject matter, best practices – and services offered by FLANK – for gaining a true understanding of DFARS 252.204-7012 compliance:Understand the Origins of DFARS 252.204-7012

While FISMA compliance – the Federal Information Security Management Act – was signed into law by President George W. Bush in 2002, federal contractors were still not being held to the truest of standards and measures for information security compliance. But in a post 9/11 and Edward Snowden world, that’s all changed, especially with DoD contractors. The Pentagon is serious about information security, so if you’re offering any type of service to the DoD – or other federal agencies – you’ll start seeing strict requirements for DFARS 252.204-7012 compliance, no question about it. FLANK offers comprehensive federal compliance services & policy and procedures writing services, so contact us today to learn more.

And on a side note, FISMA, was amended and updated in 2014, as is now known as the Federal Information Security Modernization Act.

Continue reading
  45 Hits
45 Hits

Virtual CTO, CIO & Outsourced Chief Compliance Officer, Technology Services

FLANK offers comprehensive virtual Chief Technology Officer (CTO), Chief Information Officer (CIO), and Chief Compliance Officer outsourcing services and solutions for businesses throughout North America. Don’t want to spend six-figure fees each year on a CTO, CIO, or Chief Compliance Officer role, yet still need the expertise of a proven professional for today’s security, governance, and regulatory compliance needs?

Then turn to FLANK and we’ll provide you with one of our proven professionals with years of relevant experience in your industry.

Top 5 Reasons for a Virtual/Outsourced CTO/CIO/CCO

1. Immense Cost Savings. Why pay a massive six-figure salary to a full-time employee when you can obtain all the necessary services needed at a fraction of the cost. Companies often spend unnecessary fees on full-time employees that simply don’t offer the value in comparison to their salary.

2. Expertise Only When You Need it. We only bill you when we’re working, so there’s no costs for downtime. Isn’t that how all businesses should be run? We think so! Need us for just a few hours a week, or possibly 50 + hours a week? We can work as little or as much as you need. It’s all about flexibility when it comes to FLANK’s virtual & outsourced CTO/CIO/CCO services.

3. Need Help with Audits? Does SSAE 18 SOC 1, SOC 2, SOC 3, PCI DSS, HIPAA, GDPR, FISMA – and more – sound familiar? If so, you’re not alone and FLANK can help assist with all aspects of annual compliance reporting. That’s right, we’ll plan, prepare and work side-by-side with the external auditors for ensuring a smooth, efficient, and successful audit process from beginning to end. We can even help remediate gaps and deficiencies found during the audit process. We can do it all, and at a fraction of the cost of a full-time CTO/CIO/CCO. Contact us today at This email address is being protected from spambots. You need JavaScript enabled to view it. to learn more.

Continue reading
  52 Hits
52 Hits

Dallas, TX Virtual & Outsourced, Contract Regulatory Compliance Officer & Services

FLANK provides industry leading virtual, outsourced, and contracted regulatory compliance officer services and solutions for Dallas, TX businesses. Want to save both time and money on annual compliance costs for PCI DSS, SOC audits (SOC 1 SSAE 18 and SOC 2), HIPAA, GDPR, and more? Then talk to the outsourcing compliance experts at FLANK today.

Top 5 Reasons for a Virtual/Outsourced Compliance Officer

1. Immense Cost Savings. W-2 salaries, health and wellness benefits, and more. Those are immense costs you’ll have to incur when hiring a full-time compliance officer. Is it really necessary? For some companies, yes, but for most companies, no! The solution is to hire FLANK and utilize our industry leading virtual, outsourced, and contracted regulatory compliance officer services and solutions for Dallas, TX businesses.

2. Let FLANK Handle Your Audits. One of the biggest reasons we’re brought on board is to assist with today’s growing regulatory compliance reporting mandates. From HIPAA to PCI DSS, SOC 1 SSAE 18, SOC 2, FISMA compliance, and more, FLANK has you covered. We can run your entire audit process from beginning to end, all at a fraction of the cost of a full-time compliance officer. From the initial audit kick-off meeting to remediation and testing of controls – and more – we can get the job done.

3. Expertise ONLY When You Need it. Need compliance help for 5 hours a week, all the way up to 50 hours, or more? We’ve got you covered with our flexible scheduling and bill rates that will fit your budget. Why spend tens of thousands of dollars on a compliance officer each year if they’re not needed?

4. Look and Feel of a Full-Time Compliance Officer. Simply give us an email address, assign us a formal title, and in literally minutes we’re up and running as your compliance officer. We’ll communicate with the auditors, inform management of current internal control policies and procedures, and so much more. There’s no long hiring process like a full-time compliance officer, just efficiency and scale when it comes to FLANK’s services.

Continue reading
  54 Hits
54 Hits

FISMA & NIST SP 800-53 and SP 800-171 Information Security Policies and Procedures

FLANK offers industry leading FISMA and NIST SP 800-53 and NIST SP 800-171 information security policies and procedures packets, along with custom writing services. In today’s growing world of national security and cybersecurity threats, the federal government has started to aggressively enforce the FISMA mandates signed into law in 2002 (then amended in 2014).

While federal agencies have been working hard on FISMA compliance since 2002, the private sector is now the focus, with contractors being required to adhere to the Federal Information Security Management Act of 2002 (FISMA) and the Federal Information Security Modernization Act of 2014 (FISMA). FISMA, like many of today’s security, governance, and compliance mandates, requires a vast amount of documentation to be in place – specifically – information security policies and procedures covering essential I.T. domains. From change management to incident response, data backup – and much more – the Federal Information Security Modernization Act of 2014 is all about documentation.

Offering FISMA | NIST SP 800-53 Policy Packets

Spending hundreds of internal hours – and ultimately, thousands of operational dollars – is not the preferred method for FISMA compliance. What you need are experts who can hit the ground running, developing all necessary documentation from easy-to-use and customize templates from FLANK. It’s important to note that the FISMA compliance framework is largely driven and established by the control criteria within (as of this writing in December, 2017), NIST SP 800-53, Revision 4, “Security and Privacy Controls for Federal Information Systems and Organizations”.

Not only does FLANK have the resources and manpower for helping businesses in North America become FISMA compliant, we also provide industry leading policies, procedures, forms, checklists – and more – that map directly to the current NIST SP 800-53 security control families and other relevant criteria. Spending tens of thousands of dollars on consulting services for policy writing doesn’t have to happen, thanks to the industry leading documents from FLANK.

The Department of Defense has also put forth numerous mandates for helping ensure the safety of Covered Defense Information (CDI), for which the NIST SP 800-171 framework applies.

Continue reading
  82 Hits
82 Hits

Houston, TX Virtual & Outsourced, Contract Regulatory Compliance Officer & Services

FLANK provides industry leading virtual, outsourced, and contracted regulatory compliance officer services and solutions for Houston, TX businesses. In today’s world of growing security and compliance reporting, you need a firm with experience, expertise and top-notch business credentials for getting the job done on time, and within budget.

When it comes to looking for a virtual, outsourced, and contracted regulatory compliance provider, then it’s time to get to know FLANK. Download the Virtual & Outsourced Regulatory Compliance Services Menu today and start saving thousands of dollars.

Top 5 Reasons for a Virtual/Outsourced Compliance Officer

(1). Immense Cost Savings. Do you really need to spend six-figures on a full-time regulatory compliance officer? Some companies actually do, but for those that don’t, FLANK’s virtual, outsourced, and contracted regulatory compliance service offerings are a perfect fit. We save you both time and money on compliance, and that’s a big win-win for your business.

(2). Expertise ONLY When You Need it. Don’t need a full-time compliance officer? Perhaps just a few hours a week, or more? It’s why businesses in Houston, TX are hiring FLANK for virtual, outsourced, and contracted regulatory compliance, and so should you. “Flexibility” is one of the biggest reasons to choose us!

(3). Look and Feel of a Full-Time Compliance Officer. It’s quick and easy to get our services up and running. All we need is an internal email, an official title, and we’re ready to help your business succeed in today’s growing regulatory compliance environment. Turn to the experts at FLANK for industry leading virtual, outsourced, and contracted regulatory compliance officer services and solutions for Houston, TX businesses.

Continue reading
  77 Hits
77 Hits

Austin, TX Virtual & Outsourced, Contract Regulatory Compliance Officer

FLANK provides industry leading virtual, outsourced, and contracted regulatory compliance officer services and solutions for Austin, TX businesses. Want to save tens of thousands of dollars each year on compliance salaries, then ditch the idea of a full-time, six-figured salary for a regulatory compliance officer, and use FLANK’s virtual, outsourced, and contracted regulatory compliance officer services instead.

We’re Texas’ leading provider of such services, helping you save both time and money on growing regulatory compliance costs. Security, governance, and compliance are important – no question about it – but it’s costing organizations so much money. There is a much more cost-effective and better solution, and it begins by talking to FLANK. Download the Virtual & Outsourced Regulatory Compliance Services Menu today.

Top 4 Reasons for a Virtual/Outsourced Compliance Officer

(1). Immense Cost Savings. The average salary of a compliance officer ranges from $75,000 to $145,000, or more. That’s a big payroll expense, especially if you’re not utilizing such services every day of the week. With FLANK’s virtual, outsourced, and contracted regulatory compliance officer services for Austin, TX businesses, you only use us when you need to!

(2). Expertise ONLY When You Need it. Do you really need a full-time regulatory compliance officer for 50 + hours a week, every week? Perhaps, but if not, FLANK offers the flexibility of working just a few hours a week to as many as 50 + plus hours a week. That’s right, we can work as little or as much as you want us to, that’s the difference – and the real value – when hiring FLANK for virtual, outsourced, and contracted regulatory compliance officer services and solutions for today’s growing businesses.

(3). Look and Feel of a Full-Time Compliance Officer. We can be up and running in literally minutes as your compliance officer. Just provide us an email address and other information, and you’ve now got the look and feel of a full-time compliance officer. Yes, it’s that easy! It’s also why businesses all throughout Austin, TX are turning to FLANK for virtual, outsourced, and contracted regulatory compliance officer services and solutions for today’s growing businesses.

Continue reading
  91 Hits
91 Hits

HITRUST Compliance & Consulting Services for Houston, TX Healthcare Organizations

FLANK, a leading provider of compliance services for Texas businesses, offers comprehensive HITRUST compliance & consulting services for Houston, TX healthcare organizations. HITRUST has now become one of the most requested regulatory compliance reports, which means literally tens of thousands of businesses throughout North America must become compliant.

Houston, with a large number of healthcare professionals, has a growing number of businesses seeking highly-qualified, HITRUST professionals, and FLANK is Houston’s leading provider of HITRUST compliance & consulting services.  FLANK offers the following HITRUST compliance & consulting services for Houston, TX businesses:

HITRUST Readiness & Gap Assessments

The HITRUST Common Security Framework (CSF) has two main challenges for healthcare providers. First, it’s an incredibly lengthy, comprehensive, and complex document. Second, it is constantly being revised and updated. These two variables create immense issues for healthcare organizations trying to keep pace with growing regulatory compliance mandates.

Because of these very challenges, it’s highly important to perform a HITRUST readiness & gap assessment. Benefits of such an assessment include the following: (1). Gaining a strong understanding of scope in terms of business processes to be assessed, personnel and physical locations involved. (2). What third-party entities are to be included in the assessment, and more. Furthermore, you’ll be able to readily identify gaps and deficiencies that require immediate attention prior to even thinking about performing a HITRUST assessment by qualified auditors.

HITRUST Toolkit with Policy Templates for Houston Businesses

We hear the story time and time again, and it’s the following: “We need help in writing policies and procedures for HITRUST compliance, so do you offer such services and policy toolkits and templates?” The cold-hard truth is that one of the most demanding and time-consuming aspects of becoming HITRUST compliant is developing policies and procedures, and its why FLANK has developed the HITRUST Policy Template Toolkit.

Continue reading
  120 Hits
120 Hits

Security Policy Templates, Examples, Samples | Hundreds Available | Download

Security Policy Templates | Hundreds Available for Download

Security policy templates, examples, and samples are offered as part of the all-inclusive set of documents from FLANK, a global leader in the field of security documentation for all types of organizations, regardless of size, industry, or location. Security policy template are a must-have, as every business has a justified need to document their technology processes and procedures for a number of obvious reasons. First and foremost, security policy templates help organizations in documenting one’s overall technology infrastructure, starting with the network layer, all the way down into internal hosts, of which many are in virtualized environments.

Who are We? We’re FLANK. Learn About our 3 Point Stance!

1. Providers of World-Class InfoSec & Compliance Policy Templates & Toolkits2. Saving Businesses Thousands of Dollars with Outsourced Compliance Service Offerings3. Offering set fees for Security, Governance, and Regulatory Compliance Assessment & Audit Services

One of the larger, more pressing demands on businesses today is having security policy templates for regulatory compliance needs. Just stop and think about all the laws, mandates, and security audits, requiring documented policies and procedures - here’s the short list: Payment Card Industry Data Security Standards (PCI DSS), SSAE 18, HIPAA, GLBA, Sarbanes-Oxley (SOX), FISMA, DFARS, and much more.

Hundreds of Security Policy Templates Available for Download

What businesses need today are security policy templates developed by seasoned veterans from the I.T. community - comprehensive documentation that truly encompasses what organizations need from an information security perspective. With the FLANK21 set of operational, business specific, and information security policies, procedures – and more – you’ll get the very best security policy templates found anywhere today.

Security Policy Templates from a Global Leader in Security

FLANK is a recognized global provider of policies, procedures, provisioning and hardening checklists - and other supporting documentation - for companies seeking the highest quality security policy templates, examples, and samples found anywhere. Our talented staff - which includes systems and network engineers, regulatory compliance auditors, along with C level management - have spent years working together in developing what’s arguably some of the most complete and comprehensive set of security policy templates, examples, and samples found anywhere. A quick summary of the FLANK21 set of documents (available for purchase and immediate download) shows just how in-depth and comprehensive our material is:

Continue reading
  153 Hits
153 Hits

GDPR Policy Templates for Download – Get Compliant

GDPR Policy Templates & Toolkit for Instant Download

FLANK offer GDPR policy templates and policies & procedures for instant download today for businesses all throughout the globe looking for high-quality, professionally developed policies and procedures for the General Data Protection Regulation. With a compliance deadline of May, 2018 fast approaching (as of this writing), controllers and processors are no doubt working hard in putting together a compliance framework that meets the stringent guidelines of the GDPR.

Missed the deadline of May, 2018 and still need assistance? Then start saving dozens of hours and thousands of dollars on GDPR compliance by instantly downloading the GDPR All-in-One Global Compliance Toolkit containing hundreds of pages of GDPR policy templates. For GDPR consulting and compliance services, please email us at This email address is being protected from spambots. You need JavaScript enabled to view it. today.

Get Compliant - Download GDPR Policy Templates & Toolkit Now

What’s missing and what’s causing the compliance headache? GDPR policy templates. Specifically, controllers and processors are having a difficult time finding high-quality templates and then the time for authoring GDPR documentation. Not anymore, thanks to FLANK. Businesses can now download the GDPR All-in-One Global Compliance Toolkit containing hundreds of pages of GDPR policy templates.Our GDPR All-in-One Global Compliance Toolkit includes the following essential compliance documents:

1. GDPR Compliance Requirements and Overview Matrix2. GDPR Mapping to ISO 27001/270012 Matrix3. GDPR Compliance Checklist4. ISO 27001/27002: 2013 All-in-One Toolkit5. Information Security & Cybersecurity Policy and Procedures Manual6. Incident Response and Breach Reporting Program – GDPR 7. Breach Notice Letter (Enhanced for GDPR)8. Third-Party Due-Diligence & Vendor Management Program – GDPR9. Data Privacy Notices for Websites (enhanced for GDPR)10. Data Processing Policy and Procedures - GDPR11. Data Processing for Special Categories Policy and Procedures - GDPR12. GDPR Data Protection Impact Assessment (DPIA) Template Program13. Data Protection Officer (DPO) Policy and Procedures - GDPR14. Data Protection Policy and Procedures – GDPR15. Data Quality Policy and Procedures - GDPR16. GDPR Consent Checklist17. Personal Data Inventory Matrix for Data Subjects - GDPR18. Records of Processing Activities Matrix for Data Subjects - GDPR19. Right of Access Policy and Procedures - GDPR 20. Right to Data Portability Policy and Procedures - GDPR 21. Right to Erasure Policy and Procedures - GDPR 22. Right to Object Policy and Procedures - GDPR23. Right to Rectification Policy and Procedures - GDPR24. Right to Restriction Policy and Procedures – GDPR

Authoring GDPR policies and procedures can be an incredibly tedious undertaking, especially when you have little to no templates to start with. Not anymore, thanks to the compliance experts at FLANK who offer world-class GDPR policy documentation that’s available for instant download today. Becoming GDPR compliant has never been quicker or easier, thanks to FLANK’s world-class documentation.

Continue reading
  161 Hits
161 Hits

What is FISMA and NIST?

What is FISMA and NIST?

A: FISMA stands for the Federal Information Security Modernization Act (FISMA) of 2014, It is US legislation creating a comprehensive framework for protecting government information, operations and assets against man-made or natural threats. It is in fact an enhanced version of the original Federal Information Security Management Act signed into law by President George W. Bush in 2002.

NIST, is the acronym for the National Institute of Standards and Technology (NIST), a standards body within the federal government that puts forth a wide-range of publications that set the standards for recommended security controls.

Organizations all throughout North America need to have a solid understanding of the role of FISMA & NIST as federal cybersecurity requirements continue to grow.

What is NIST SP 800-53?

Simply stated, NIST SP 800-53 requires federal contractors to put in place comprehensive information security and privacy policies, procedures, processes, and related internal controls.

It’s a “Special Publication,” titled Security and Privacy Controls for Information Systems and Organizations, and it is one of the most well-respected, well-known, and comprehensive security publications found anywhere in the world. It contains a prescriptive listing of control families and related security and privacy controls that federal contractors need to have in place for becoming FISMA compliant.

Continue reading
  334 Hits
334 Hits

Writing Information Security Policies and Procedures is What We Do Best!

Writing Information Security Policies and Procedures is What We Do Best!

Writing information security policies and procedures is a very time-consuming, arduous task, to say the least. As a business owner or employee, you have to set aside important tasks, find a set of high quality templates - or even worse - dust off those antiquated shelf-ware policies and procedures written years ago. Isn’t there a better way of writing information security policies and procedures? There is, and it starts with FLANK, a global leader in providing documented policies, procedures, forms and checklists for literally anything related to information security.

Who are We? We’re FLANK. Learn About our 3 Point Stance!

1. Providers of World-Class InfoSec & Compliance Policy Templates & Toolkits.2. Saving Businesses Thousands of Dollars with Outsourced Compliance Service Offerings.3. Offering set fees for Security, Governance, and Regulatory Compliance Assessment & Audit Services.

FLANK and their trusted consultants, who range from network engineers, consultants, auditors to C level management, have put together one of the most in-depth and comprehensive set of information security policies you will find anywhere. It's called the FLANK21 – just how comprehensive are these documents - consider the following:

Hundreds of policies, procedures, forms, and checklistsProvisioning and hardening documents for ensuring all I.T. systems are properly secured before being deployed out on a network.Dozens and dozens of sections and categoriesDocumentation for many of today’s growing fields within information technology, such as cloud computing and virtualization.Extremely detailed and well-written, and growing everyday - thanks to our talented and skillful staff, who are constantly adding more and more quality documents all the time!Developed utilizing various provisions from some of the world’s most recognized information technology benchmarks, standards, and frameworks.Writing Information Security Policies and Procedures is Now Easier than Ever

What’s more, writing information security policies and procedures is easy with the FLANK21 set of documents as it contains literally hundreds of policies, procedures, forms and checklists for every conceivable area or platform related to information security, such as the following:

Network Devices-Templates specifically tailored toward routers, switches, firewalls and more!Operating Systems-Documentation provided for all major operating system platforms, such as Microsoft Windows (their 2003 to 2012 server line), UNIX and all commonly used Linux distributions, (RHEL, etc.)Databases-Policies and procedure documents for MS SQL Server, MySQL, Oracle, and PostgreSQL.Web Servers-Templates for Apache, Tomcat, IIS and more!

But filling out policy templates is one thing, actually have a set of comprehensive procedures and supporting provisioning and hardening documents is what’s also needed when it comes to writing information security policies and procedures. After all, what good is an information security policy if an organization doesn't have supporting procedures for the stated policy or even provisioning and hardening documents describing how to secure system resources?

Continue reading
  190 Hits
190 Hits

FISMA Compliance & Certification Services for Federal Contractors in Texas

FISMA Compliance & Certification Services for Federal Contractors in Texas

FLANK offers comprehensive, fixed-fee FISMA compliance & certification services – and FISMA policy toolkits – for federal contractors all throughout the state of Texas. With hundreds of federal contractors located in Dallas, Houston, Austin, San Antonio – and numerous other locations – such entities are being required to comply with the Federal Information Security Management Act (FISMA) of 2002, which was amended in 2014 and re-named the Federal Information Security Modernization Act (FISMA).

As for FISMA, it’s without question one of the most in-depth and complex compliance mandates, due largely to the fact that becoming compliant means adhering to the controls put forth in NIST SP 800-53. From Access Control (AC) to Program Management (PM), the family of controls within NIST SP 800-53 require a healthy dose of FISMA policies, procedures, and processes to be in place – so turn to the Texas FISMA compliance experts today at FLANK.

Proven FISMA Service and Solutions for Texas Businesses

We offer a variety of services and solutions for helping Texas businesses with FISMA compliance & certification, such as the following:

Fixed-Fee FISMA Readiness & Gap Assessments:  Want to become FISMA compliant in an efficient and cost-effective manner, then Texas businesses would be well-served by performing a FISMA readiness & gap assessment. Brief, cost-effective, yet incredibly useful, such an assessment helps to identify and confirm critical scoping boundaries, missing documentation (i.e., FISMA policies and procedures), along with internal controls requiring immediate remediation. If you’re new to the world of federal compliance, then a FISMA readiness & gap assessment is an absolute must.

One of the biggest challenges faced by federal contractors with FISMA compliance is trying to eliminate the dreaded scope creep. Often times, engagements get bogged down as both sides (i.e., the FISMA assessor and the client) are unsure as to what business functions are to be examined, what personnel are involved, physical locations to be assessed, and much more. This can create an issue where FISMA compliance & certification can spiral out of control, creating immense challenges and cost overruns. How to avoid such a nightmare? Perform a FISMA readiness & gap assessment with FLANK. Contact us today at This email address is being protected from spambots. You need JavaScript enabled to view it. to learn more.

Continue reading
  206 Hits
206 Hits