CISO Consulting has over thirty-five (35) years assisting organizations on Information Security matters as the Chief Information Security Officer.

We perform the Information Security Governance and Management function with a risk management approach for business appropriate Information Security programs, policies, and procedures based on COBIT, ISO 27001:2013, and NIST principles.

We determine & manage requirements for:

  • Regulatory Compliance & Reporting
  • Business Continuity Planning
  • Disaster Recovery Planning
  • Incident Response Planning
  • Data Center Design, Relocation, and Consolidation

Get Started with CISO

We Are Efficient & Expeditious

We have the solution expertise to support your Information Security Program based upon business and technology risk analysis and remediation planning. 

During the creation and/or support of the Information Security Program, we include incident management and response, business impact analysis, change management methodology adoption and implementation, and security procedure implementation.

We also possess expertise in systems integration, critical IT applications support, data center design, creation, consolidation, and relocation, business continuity planning, and disaster recovery planning.

We assist you efficiently and expeditiously.

Introducing the President and Founder

Keith S. Crumpton
PCIP, MSIA, CRISC, CISSP, CISM, CCSFP, CBCP

Mr. Crumpton has over thirty-five years of Information Technology Management experience with public, non-profit, financial, manufacturing, banking, judicial, and most recently ecommerce environments and startups.

Mr. Crumpton’s areas of solution expertise include security audit, assessment, planning and remediation, business and technology risk analysis and remediation, business impact analysis, change management methodology adoption and implementation, business continuity plan creation, and implementation, multi-site support, and critical IT applications and data center recovery planning efforts.

Mr. Crumpton has developed and provided Business Continuity Planning Services based upon Disaster Recovery Institute International’s (DRII) Professional Practices, PCI DSS Assessment, Remediation, and Compliance Continuity based upon PCI DSS 3.0, and HIPAA Audit, Assessment, and Remediation Project Management.

Read More