Compass IT Compliance

Location: Providence, RI (HQ); remote (US nationwide)

Firm: Compass IT Compliance
HQ: Providence, RI
Founded: 2010
Employees: 50-100
Website: www.compassitc.com
Typical Cost: $15,000–$60,000

Frameworks Offered

  • PCI DSS
  • SOC 2
  • HIPAA
  • HITRUST
  • ISO 27001
  • NIST CSF

Compass IT Compliance Auditor Profile

Compass IT Compliance is a Northeast-based compliance firm specializing in PCI DSS, SOC 2, HITRUST, and HIPAA assessments. The firm combines compliance auditing with penetration testing and vulnerability management services.

Founded in 2010 in Providence, Rhode Island, Compass IT Compliance serves financial institutions, healthcare organizations, and retailers across New England and nationwide. Their dual capability in both compliance assessment and technical security testing provides clients with comprehensive coverage that addresses both regulatory requirements and real-world security posture.

What Compass IT Compliance Does Well

  • PCI QSA + HITRUST assessor — Dual qualification serves companies needing both payment and healthcare security compliance.
  • Penetration testing integration — Technical security testing alongside compliance for comprehensive coverage.
  • Northeast focus — Strong relationships with New England financial institutions and healthcare organizations.

Engagement Process

  1. Initial scoping to identify applicable frameworks and assessment boundaries.
  2. Pre-assessment gap analysis with prioritized remediation recommendations.
  3. Technical security testing including penetration testing and vulnerability scanning.
  4. Formal compliance assessment with control testing and evidence review.
  5. Report delivery with combined compliance and technical security findings.

Pricing Expectations

Compass IT Compliance offers accessible pricing, particularly for PCI DSS and HIPAA assessments. PCI DSS assessments start around $15,000, SOC 2 Type II from $20,000, HITRUST validated assessments from $30,000, and HIPAA assessments from $12,000. Their integrated approach, combining compliance assessment with penetration testing, may deliver cost savings compared with engaging separate firms for each.

Who Should Choose Compass IT Compliance

Compass IT Compliance is a strong choice for New England-based financial institutions, healthcare organizations, and retailers that need PCI DSS, HIPAA, or HITRUST assessments combined with technical security testing. Their dual compliance-and-security approach is particularly valuable for organizations that want comprehensive coverage from a single provider.
