Michael Rutt, CISSP, CISA

Information Security Architect Solutions

Information Security Architect Solutions

The goal of Information Security Architect Solutions is to evaluate the security posture of information technology of our customers. Information Security Architect Solutions works collaboratively with our customers to architect, coordinate, and address any security related concerns.

Many small to medium sized businesses don't have the resources to hire security staff and ISAS will provide a vCISO to help you identify and re-mediate security issues as they arise.

It's important to have accredited knowledge in the information security field and we are here to help.


A Chief Information Security Officer is instrumental in coordinating all manner of information security related issue. Drafting and approving policy, managing subject matter experts, incident response, developing information security services and work-flow. A Chief Information Security Officer will be able to identity key assets and how to protect them.

Being able to communicate critical information security issues to executives and key stakeholders concerning compliance issues is a top priority of a Chief Information Security Officer.


Risk can include a process, work-flow, assets and vendors. Being able to define the scope of risk and applying security controls through an audit process is key to define risk. A primary focus of an Information Security Architect is to provide a cost benefit analysis for security controls and mitigate risk. Showing value over time to key stakeholders provides value for your organization.

Compliance Management

Complying with federal regulation can be frustrating if you don't know how they apply to your organization. PCI, SOX, HIPPA, FERPA, GDPR, NIST 800-171 and Export Control have to be accounted for by law. It's important to make sure you protect data that is connected with any federal regulation.

Applying a solid security framework around sensitive data must be a priority for any organization. NIST, ISO 27001 and COBIT are frameworks that can be put in place to protect sensitive information.