DataGuardZ is a leading consulting firm that specializes in security risk management offering a complete suite of competitively priced services performed by highly skilled and specialized professionals.

DataGuardZ is an IT Risk management consulting firm specializing in ISO 27001. We assist organizations in developing and implementing an ISO 27001 Information Security Management System that will lead to certification.

We work with clients to develop more efficient and effective information security programs that meet their current and future business objectives. We take the time to know you, understand your business goals and objectives and the regulatory challenges your organization faces on a daily basis.

We work along with the members of your organization to make sure that our recommendations and solutions are aligned with your business objectives. In this way, we will be able to provide your organization with a tailored and sustainable solution that addresses your specific requirements and deliver it on time and within budget.

DataGuardZ consultants are proud to be certified by the International Register of Certified Auditors (IRCA), RABQSA and British Standards Institution (BSI) in ISO 27001 - ISO 20000. Many IT consulting companies provide ISO 27001 services, but few are actually certified by a recognized registrar in ISO 27001 or ISO 20000.

The DataGuardZ team has taken the time and the effort to meet these stricter requirements. Not only do we have the skill sets and the certifications to ensure the development and implementation of an Information Security Management System that will lead to ISO 27001 certification, we guarantee it. The DataGuardZ guarantee is part of every ISO 27001 engagement.

Regulations and Certification Standards

ISO 27001:2013

Internationally recognized certification standard for Information Security.

Makes it easier to do business globally.

Certification minimizes security questionnaires and client audits.

Addresses a majority of current and future Information Security requirements (EU GDPR), (NYS DFS Rule).

Information Security Certification.

ISO 27018:2014

International standard for managing PII (Personally Identifiable Information) in the Cloud.

Enhanced addition to ISO 27001:2013 Certification.

Pertains to companies that provide cloud based software services.

Provides guidance to organizations concerned about how cloud service providers are handling their PII.

Privacy Certification.


Provides guidance to make Cloud services safer and more secure.

Used in affiliation with ISO 27001 series of standards.

Clarifies roles and responsibilities of Cloud service providers and Cloud service customers.

Cloud Certification.

EU General Data Protection Regulation (GDPR)

Regulation applies to a company (Controller) that provides services to EU citizens as well as any third party/vendor(s) contracted by that company (Controller) to process (Processor) any information on behalf of the company.

Pertains to any company that directly or indirectly provides services to citizens in the European Union.

Regulation includes companies located in the EU as well as outside the EU.

Must meet the regulatory requirements by May, 2018 or be subjected to severe fines and penalties (up to 4% of a company’s annual global revenue).

ISO 27001:2013 meets the majority of the EU GDPR requirements.

CISO As a Service

DataGuardZ provides expertise in developing and implementing information security policies and procedures to companies that do not have Information Security resources.

Provide “ad hoc” Information Security services to companies that require assistance in enhancing their security framework and posture.

Assist companies in keeping up to date with new security rules and regulations.

DPO As a Service

DataGuardZ provides expertise in providing clients the necessary skills, expertise, and relationships they need by combining the responsiveness of an internal DPO and the perspective of an outside counsel.

Our qualified DPO resources bring years of experience in the data privacy, regulatory, information risk management, and security and compliance fields, with expertise in various security and reporting standards and best practices such as ISO 27001 and ISO 27018.

Our team will help you define, design, and manage your data privacy program in a manner that will best help your organization meet all privacy regulations.

DataGuardZ is approved by the The International Association of Privacy Professionals (IAPP).


Demonstrates that your infrastructure is secure and complies to the National Institute of Standards and Technology (NIST) and National Commission on Forensic Science (NCFS) Cybersecurity Framework.

Quickly becoming a globally recognized assessment, NCFS provides a harmonized approach to Cybersecurity. 

The Cybersecurity Framework’s prioritized, flexible approach helps promote the protection and resilience of critical infrastructure and other sectors vital to public health, the US economy and the security of the country. 

Cloud Security Alliance (CSA) STAR Level 2 Certification

Applies to members of the CSA.

STAR – Security Trust & Assurance Registry – leverages the requirements of ISO/IEC 27001:2013 management system standard with CSA cloud controls matrix.

ISO/IEC 27001:2013 – internationally recognized information security   standard.

Enhances the level of good security practices of CSA members.

NYS Department of Financial Services (DFS) Rule

Enhanced Cybersecurity rules for financial institutions that provide services to New York State residents.

Applies to companies that fall under the supervision of the NYS Department of Financial Services (Banks, trusts, budget planner, check cashers, credit union, insurance companies, etc.).

Includes institutions located in New York State, in other states and all branches and agencies of foreign banking corporations pursuant to the Banking Law to conduct banking operations in New York.

ISO 27001:2013 provides a framework to address these new rules.