Blue Ocean Group is a professional services and consulting firm that provides information security assurance and advisory services to clients in the commercial and public sector. We are focused on providing cost‐effective, superior security and risk management solutions that are operationally efficient and make business sense.

Our broad solution offerings include Information Security Engineering, Regulatory Compliance, Security Risk Assessments and Governance Process Development. Our value proposition lies in our ability to look at the big picture of Information Security and Risk Management; from engineering the right security solution to identifying, accessing and managing the risks in the organization, Blue Ocean Group will provide value to both the IT and Business groups looking to improve and mitigate their risk position in this regulated environment.

Blue Ocean Group services are modeled on a risk‐based methodology to protect the confidentiality, integrity, and availability of our client’s data. The following are our key offerings in the Information Security & Risk Management Domain:

• Technology Risk and Control Assessments
• Vulnerability Assessments (Ethical Hacking execution, Network Scanning etc.)
• Security Tools Engineering & Implementation (Role Based Access, Password Vaulting, Access Recertification, GRC etc.)
• Certification & Accreditation (DITSCAP, NIACAP, NIST methodologies)
• Data Center Reviews (SAS‐70, SysTrust reviews etc.)
• Data Loss Prevention (DLP)
• Secure SDLC (Secure Coding Practices etc.)
• Technology Policy, Procedures and Standards Development (SOX, HIPAA, GLBA etc.)
• Technology Risk Management & Framework Development (ISO 17799, NIST etc.)
• Security Program Awareness and Training

We are a Woman and Minority‐owned Security Consulting firm, headquartered in Oakton, VA since 2008.