Information technology risk and information security are no longer just a technical problem and the sole responsibility of IT; they are increasingly being recognized as a business problem. It is imperative for organizations to mitigate technology related risks. Rausch Advisory Services understands that today’s businesses have been under increased pressure to identify and assess the impact associated with information technology.

Rausch Advisory Services Information Security professionals maintain a combination of the following Information Security designations: Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), IACRB Certified Penetration Tester (CPT), Certified in Risk and Information Systems Control (CRISC), SEC-Council Certified Ethical Hacker (C|EH), and GIAC Certified Forensics Examiner (GCFE).

Rausch’s Information Security Advisory professionals utilize methodologies that are based on widely accepted, recognized standards and best practices such as NIST, ISO/IEC 27002:2013 and CSA frameworks and they are oriented to your organization’s unique needs. Through highly skilled, certified professionals and proven methodologies, we assist our clients reduce their risk profiles and comply with industry-specific guidelines and requirements including the Federal Information Security Management Act (FISMA), Electronic Records, Health Insurance Portability and Accountability Act (HIPAA), The Health Information Technology for Economic and Clinical Health Act (HITECH), and International Traffic in Arms Regulations (ITAR).


Our Information Security services include:

  • Information Security Enterprise-Wide Risk Assessment
  • Business Continuity Management
  • Audit Plan Development
  • Vulnerability Assessments
  • Social Engineering
  • Network, Wireless And Web Application Security Reviews
  • Incident Analysis And Response
  • Data Loss Prevention Auditing And Implementation
  • Security Alert Monitoring And Compliance Implementations
  • IT Vendor Assurance
  • Interim Resource Management
  • Security Awareness Training