About

Morrison Consulting provides solutions to computer security problems faced by companies and organizations.

Our background is 16+ years global corporate and consulting experience, conducting over 200 assessments of company internal and outsourced partner systems.  We have validated and recommended solutions for:

  • Governance, Risk and Compliance (GRC) assurance
  • Personally Identifiable Information (PII) and data privacy compliance
  • Company architecture and policy compliance
  • Payment Card Industry Data Security Standard (PCI DSS) compliance
  • Health Insurance  Portability and Accountability Act (HIPAA)
  • Computer Emergency Response Team (CERT) identified vulnerabilities

We have developed solutions for:

  • Cloud migrations
  • Enterprise Resource Planning (ERP) and compliance-regulated systems
  • IT Security architectures and frameworks, based upon COBIT, ITIL ISO/IEC requirements, integrating standard and non-standard controls

Our work is anchored in architecture, policy and compliance.

For architecture, we embrace creative approaches that come from intentionally varied perspectives of the problem, validated constraints and potential solutions.  We believe in frameworks to organize for a unified solution, while exercising rapid iterations of design to identify candidate components within the framework.

For policy, we have written or contributed to policy documents covering the entire range of IT Security programs and practices within large and small companies. We believe in clearly written policy documents without jargon that lay out a framework for flexible yet secure processes.

For compliance, we are experts in the requirements, we understand how those requirements have been interpreted in practice, and we understand how those requirements are evolving. We deliver to our clients an assessment of compliance that informs the decisions they make within their specific comfort of risk tolerance .

Come work with us!