(910) 256-9995 | info@earneynet.com

Information Security & Privacy

Technology Risk Advisory Services

Physician Cybersecurity Advisory

Download now

Meet Robert Duggan, CPA, CISSP

Information privacy breaches and ransomware attacks are at unprecedented levels. Earney & Company Technology Risk Advisory is here to assist your organization with an independent assessment of cybersecurity. Our highly experienced and credentialed team has worked with companies of all sizes and structures as well as government entities. We can help your organization ensure best practice controls are in place, properly designed, and functioning effectively in order to avoid the business interruption, operational losses, regulatory penalties, and reputation damage that come with system compromise. Our assessment tools are mapped to most of the major information security control frameworks.

Our Cybersecurity Risk Assessment is conducted based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and we right-size our approach to your organization’s risk environment and privacy compliance requirements:

  • Consists of scoping the organization’s technology assets, endpoints, and evaluating the design of security controls in place against the NIST CSF Framework detail elements and best practice.
  • Control improvements for any identified gaps are recommended based on best practices in each area, for each element, with respect to organizational complexity and efficiency.
  • Provides Executive Management and IT with a prioritization of any security gaps identified along with improvement recommendations. This can serve as a virtual blueprint for your annual security planning process.
  • The cybersecurity risk assessment provided will help ensure the organization remains in step with industry regulatory privacy requirements, which are integrated to our programs
  • Our process includes a review of vendor security controls via examination of Service Organization Control Reports (SOC) as well as any Business Associate Agreements (HIPAA) and Master Service Agreements (MSA) / Service Level Agreements (SLAs) to help ensure your reliance on vendor security is justifiable.

Information Privacy Regulatory Compliance

Earney & Company can perform an independent review of Cybersecurity and Privacy Compliance for Healthcare (HIPAA) as well as Financial Service Firms (SEC Reg S-P, NCUA, GLBA), Government, and Education (FERPA). Our integrated cybersecurity and privacy risk assessments are vital to trusted service organizations such as Law Firms as well. Our methodology includes a review of your vendor security agreements and Service Organization Control Reports (SOC-2 ) to help you document justifiable reliance on vendor controls. This has proven to be extremely important in the event of a key vendor breach.

NIST 800-53 Controls Review and Audit Readiness

We can assess the design and operating effectiveness of your Information Security controls against the NIST 800-53 family of controls / framework. This is the most widely accepted comprehensive IT security control best practice framework across Federal, State, and Municipal Governments, Government Contractors, and many industries. Our tool is designed for efficient execution and we have over 35 years of combined experience with right-sizing best practice information security controls on the team. We can perform smaller, more focused reviews as well, such as Information Asset Inventory processes or Disaster Recovery Plan readiness.

CMMC / NIST 800-171 Readiness

The time is now for Department of Defense vendors and subcontractors to evaluate their security posture for CMMC audit preparedness. Earney & Company can assess your CMMC Readiness and NIST 800-171 compliance position. Our efficient tool and methodology will not only ensure you are prepared for the C3PAO audit, we can also evaluate the effectiveness of your cybersecurity comprehensively. This way you establish audit readiness and ensure adequate security posture to defend against breach, intrusion, or accidental loss, regardless of what CMMC “level”is required for your organization.

Red Team Assessments – Penetration Testing – Vulnerability Scanning

How will your organization fare against a determined hacker or automated spear phishing campaign?

Earney & Company’s Red Team Assessment is a well-planned and orchestrated real-world attack that will identify gaps in your company’s security posture and enable proper correction. Our team has experience leading and performing penetration tests and vulnerability scans in diverse settings nationally. Led by an experienced CISSP, our Red Team tools are top-rated. We are confident that the process will be enlightening for your company’s leadership and will assist you in developing a culture of awareness in this accelerated threat environment. Our clients will say that our cybersecurity assessment approach is highly collaborative; we are here to help Carolina businesses ensure they are sufficiently protected and supported and to help technology professionals and senior executives alike to be successful in their efforts to protect organizational assets.

Our Red Team Assessment and Vulnerability Scan can be integrated to a comprehensive cybersecurity risk / information privacy assessment or tailored cybersecurity audit program depending on your risk profile and frameworks needs.

System Implementation Assurance

Our team has over 20 years of Enterprise Resource Planning (ERP) and Financial Reporting Software, as well as Electronic Medical Record (EMR) implementation assurance experience. Our approach will help avoid issues at go-live and costly errors in critical areas such as interfaces and data migration / conversion. We will ensure your critical processes are tested by system regular users to help ensure functionality and avoid surprises.

SOC Readiness

If you are preparing for a SOC 1 or 2 Audit, our team can perform a readiness assessment and create a documentation set which can dramatically reduce the audit fee and ensure you are prepared to pass with good controls when the external SOC audit team arrives.


In three easy steps, our team can help you
find your path to a sustainable, profitable business
and more individual freedom.

 

 Our Specialties

Dentists

We are committed to helping you achieve financial success within your dental practice. We understand the difficult balance of managing your practice and delivering high-quality patient care. Outsource your accounting duties...

read more

Family Businesses

Our firm understands that closely held and family owned businesses are unique and require specialized services. We measure our success by the personal relationships we have with businesses of all sizes...

read more

Franchises

Potential franchisees need metrics to analyze a purchase decision, uncover potential additional costs, and prepare to manage a business. Calculating the potential return on investment, growth & income potential are also crucial...

read more

Healthcare

As a health care provider, you are tasked with promoting, maintaining, or restoring your patients’ health. You use your expertise, experience, and depth of care to help your patient...

read more

Homeowners Associations

Your homeowners association requires a trusted advisor qualified to support its unique tax and accounting needs. Our firm stays current on association developments and issues to ensure that you receive the highest quality service...

read more

Hospitality Industry

Respect, attention to the needs of your customer, details, and personal care are the order of the day for the hospitality industry. We have the same principles in approaching our relationship with you and your management team...

read more

Manufacturing & Distribution

Earney & Company works with a diverse group of manufacturing and distribution clients. We provide traditional tax, accounting, and consulting services, but we also work with our clients to help them improve efficiencies, reduce costs, and ultimately increase their bottom line profitability...

read more

Not-for-Profits

Beyond core accounting work, our firm offers extended value as an accounting service provider for not-for-profit entities. We differentiate ourselves from other firms because we truly understand your needs and how you operate...

read more

mobile-graphic

Latest from Our Blog


qb-proadvisor-desktop qb-proadvisor-advdesktop qb-proadvisor-online qb-proadvisor-advonline qb-proadvisor-enterprise

Learn More

Help us. Help others.

Tell us about your experience with our firm.

Review Us
membershipmembershipmembershipmembershipmembershipmembershipmembershipmembershipmembershipmembership