Security & Compliance Consulting
Four paths through the labyrinth.
From a Security Health Check to a monthly vCISO retainer, every service names what you get, what it costs, and when it ends.
Each engagement is scoped, priced, and built around the specific problem you are facing, not a vague statement of work that expands until the deadline slips.


A structured expert assessment of your current security posture. We map where you are, where the gaps are, and what matters most. You leave with a clear written report and prioritized action list.
Structured assessment conversation
Written findings report with prioritized recommendations
Clear next-step roadmap
Security Health Check
Flat fee: $1,200 – $2,000.
1-2 Weeks: The fastest way to stop guessing and start knowing.
For businesses facing a specific compliance requirement. A rigorous gap analysis against your target framework, with a remediation roadmap that tells you what to do, in what order, at what cost.
Gap analysis against target framework
Current state documentation
Prioritized remediation roadmap with effort and cost estimates
Executive summary for leadership or board
HIPAA · PCI · SOC 2 · NIST CSF · Cyber Insurance
Compliance Assessment
Project fee: $4,500 – $14,000.
3-5 Weeks: Scope and framework complexity determine final pricing.
Your team is already using AI tools. The question is whether anyone has defined the rules. A structured program to inventory your AI exposure, establish policy, and build a governance framework that protects your data and your reputation.
AI tool inventory and risk assessment
Acceptable use policy development
Vendor and third-party AI risk framework
Executive briefing and staff training
Governance framework documentation
AI Governance Program
Project based: $4,000 – $15,000. Scope defined prior to engagement.
Security leadership without the full-time cost. I become your security partner, managing your program, handling vendor reviews, building policies, training your team, and giving leadership the reporting they need to make confident decisions. Minimum 3-month engagement. Scope defined prior to engagement.
vCISO
Advisory Tier — $3,000 / mo
Program Tier — $5,000 / mo
Compliance Tier: $7,500 – $10,000 / mo
15–20 hours monthly.
Security program management
Vendor and third-party risk reviews
Incident response planning
Leadership and board reporting
25–40 hours monthly.
Active compliance framework management
Audit preparation and support
Security awareness training
8–10 hours monthly.
Monthly security program review call
Policy templates and maintenance
Quarterly risk review
Best for: Very small businesses, early-stage startups
Best for: Healthcare providers, Professional services (Legal, Accounting, Wealth Management)
Best for: Regulated industries under active audit pressure.
Start Here
Not sure which service fits? That's what the first call is for.
Describe the pressure you're under, whether it's the renewal demand, the vendor questionnaire, the audit notice, or something else, and we'll tell you the concrete next step.
