About us

About us

Introducing the President and Founder

Keith S. Crumpton

Mr. Crumpton has over thirty-five years of Information Technology Management experience with public, non-profit, financial, manufacturing, banking, judicial, and most recently ecommerce environments and startups.

Mr. Crumpton’s areas of solution expertise include security audit, assessment, planning and remediation, business and technology risk analysis and remediation, business impact analysis, change management methodology adoption and implementation, business continuity plan creation, and implementation, multi-site support, and critical IT applications and data center recovery planning efforts.

Mr. Crumpton has developed and provided Business Continuity Planning Services based upon Disaster Recovery Institute International’s (DRII) Professional Practices, PCI DSS Assessment, Remediation, and Compliance Continuity based upon PCI DSS 3.0, and HIPAA Audit, Assessment, and Remediation Project Management.

Mr. Crumpton has worked with clients such as: The Cadmus Group, CQuotient, Citizens Bank, SAIC, PNMR, Superior Court of San Diego County, CVS, Entex Information Services, Siemens Business Systems, Retail Convergence (Rue La La), Administrative Offices of the Courts of California, Bank of Boston, Suffolk Franklin Savings Bank, American Red Cross Blood Services, and the Town of Chelmsford, MA.

Presently, Mr. Crumpton represents organizations, on a contractual basis, as their Information Security Officer, assisting them with Regulatory Compliance Assessment and Remediation efforts based on a risk management approach for business appropriate Information Security programs, policies, and procedures based on COBIT, ISO, and NIST principles.

Introducing the President and Founder

bio

Keith S. Crumpton

Mr. Crumpton has over thirty-five years of Information Technology Management experience with public, non-profit, financial, manufacturing, banking, judicial, and most recently ecommerce environments and startups.

Mr. Crumpton’s areas of solution expertise include security audit, assessment, planning and remediation, business and technology risk analysis and remediation, business impact analysis, change management methodology adoption and implementation, business continuity plan creation, and implementation, multi-site support, and critical IT applications and data center recovery planning efforts.

Mr. Crumpton has developed and provided Business Continuity Planning Services based upon Disaster Recovery Institute International’s (DRII) Professional Practices, PCI DSS Assessment, Remediation, and Compliance Continuity based upon PCI DSS 3.0, and HIPAA Audit, Assessment, and Remediation Project Management.

Mr. Crumpton has worked with clients such as: The Cadmus Group, CQuotient, Citizens Bank, SAIC, PNMR, Superior Court of San Diego County, CVS, Entex Information Services, Siemens Business Systems, Retail Convergence (Rue La La), Administrative Offices of the Courts of California, Bank of Boston, Suffolk Franklin Savings Bank, American Red Cross Blood Services, and the Town of Chelmsford, MA.

Presently, Mr. Crumpton represents organizations, on a contractual basis, as their Information Security Officer, assisting them with Regulatory Compliance Assessment and Remediation efforts based on a risk management approach for business appropriate Information Security programs, policies, and procedures based on COBIT, ISO, and NIST principles.

Accreditations

We have the solution expertise to support your Information Security Program based upon business and technology risk analysis and remediation planning.

During the creation and/or support of the Information Security Program, we include incident management and response, business impact analysis, change management methodology adoption and implementation, and security procedure implementation.

We also possess expertise in systems integration, critical IT applications support, data center design, creation, consolidation, and relocation, business continuity planning, and disaster recovery planning.

We assist you efficiently and expeditiously.

Description

CISO Consulting has over thirty-five (35) years assisting organizations on Information Security matters as the Chief Information Security Officer.

We perform the Information Security Governance and Management function with a risk management approach for business appropriate Information Security programs, policies, and procedures based on COBIT, ISO 27001:2013, and NIST principles.

We determine & manage requirements for:

  • Regulatory Compliance & Reporting
  • Business Continuity Planning
  • Disaster Recovery Planning
  • Incident Response Planning
  • Data Center Design, Relocation, and Consolidation

Mission Statement

CISO Consulting works with Client(s) to establish and maintain regulatory appropriate Information Security Program(s) that educate and assist Client(s) users in the appropriate use of technology to acquire, access, process, and report on the data the Client(s) obtain and store, to maintain the confidentiality, integrity, and availability of the data, while ensuring the Client(s) Subject(s) of the data the privacy of the data is assured at rest, during processing, and, if necessary, when transmitted to third party processors who are also charged with maintaining the privacy of the data as part of their information security contractual obligations which the Client(s) must review on an annual basis.