Saldutti Law Group takes security and compliance beyond hardware and software

Saldutti Law Group is an effective security and compliance partner
  • SOC-1 Type 1 Certified
  • Vulnerability assessment and penetration testing
  • ISO 27001/2
  • Shared Assessments – standardized information gathering questionnaire and/or agreed upon procedure assessment preparation

The firm continually undertakes risk assessment. Saldutti Law Group maintains an ongoing review concerning risk both internally and externally. The firm continually evaluates clients' requirements concerning the intricate compliance in regulatory area. The firm takes expensive steps in order to understand its regulatory responsibilities and intricacies of the financial markets.

Saldutti Law continually upgrades its operational efficiencies in order to reduce errors and to provide quality assurance to our financial and other creditors. Our state of the art service delivery model allows for operational efficiencies.

The firm maintains extensive written policies and procedures concerning the above areas. The firm maintains extensive training procedures including job specific training to ensure full compliance with all company policies and procedures. This includes current threat assessments and constant security awareness training.

Saldutti Law undertakes vigorous vender management overview and oversight including nondisclosure agreements and related investigatory processes to ensure that the risk and information security and regulatory compliance requirements are met.

PHYSICAL CONTROLS - The firm has extensive physical and electronic controls in place including encrypted security procedures, video monitoring to ensure that our clients' data and related items are continually maintained. The firm has extensive access controls in place to all other checkpoints and limited control of sensitive data.

The firm's security controls continually assess confidentiality, integrity and availability. The CIA is critical to the firm's success and in the environment that the firm operates and conducts its business on behalf of its clients. The firm has been on the cutting edge for business continuity and disaster recovery plans including data backup and network monitoring and cross-training employees. The firm's implementation of various procedures and processes has allowed to achieve continued success with third-party vendor audits.