What is VA?

The Virtual Auditor family encompasses a broad spectrum of security and compliance services designed to complement our clients’ in-house IT and audit departments. Our experience and capabilities are broad and deep in these vital disciplines. Virtual Auditor provides specialized consulting services customized to our clients’ requirements.

Our portfolio of services includes:

Patch Management

Patch Management (Equifax Incident Prevention)

Perhaps if Equifax's senior management had continuous monitoring in place, such as Virtual Auditor, they might have known about vulnerabilities sooner, stopped the breach earlier, and notified everyone more rapidly. They also might not have been fired and congressional investigations and over 30 lawsuits seeking more than $100 Billion in damages wouldn't be underway right now.

23 NYCRR 500


Virtual Auditor can help Covered Entities that are subject to New York's Cybersecurity Regulation (23 NYCRR Part 500) build, maintain, monitor, and improve a cyber security program that will meet and exceed Part 500. VA supports: ISO 27001/02, GLBA, FFIEC, NYC Part 500, HIPAA, HITRUST, NIST 800-53, and More! Learn more about the compliance solutions VA offers here.

What is VSOS?

Virtual Auditor Technologies & Service (VSOS)

Virtual Auditor’s flagship product is a combination of our proprietary technology and consultative approach to security and compliance. Our Virtual Security Officer Server (VSOS) is the technology we have created that allows us to monitor and alert your organization of threatening activity, abnormal behavior and compliance concerns. Daily individual emails, dashboards and reports keep our clients aware of security and compliance issues at all times freeing up IT staff time for operational duties and new initiatives.

Security Program Creation

Security Program Creation

Virtual Auditor can create security programs designed to meet your organizational requirements matching the size and complexity of your institution, agency or company. Virtual Auditor’s VSOS technology (see prior) is a perfect complement to this service matching the monitoring, alerting and reporting requirements of the security program. Learn more about the compliance solutions VA offers here.

IT Management & IT Process

IT Management & IT Process

In nearly all businesses today IT capabilities and technologies are integral components of every mission critical process. Some organizations may lack senior management experience, IT process expertise or simply need seasoned IT executive partners with which to consult on new or existing initiatives.

Virtual Auditor offers consultative assistance at the strategic and tactical levels to ensure your organization is capable of meeting business goals and objectives.

Vulnerability & Penetration Testing

Vulnerability & Penetration Testing

The threat landscape is ominous and growing increasingly hostile each day. Operational duties often consume nearly all of the available IT staff time and resources forcing security and compliance tasks into a tertiary role. This dilemma leaves many organizations at risk. Virtual Auditor meets these challenges by offering professional grade vulnerability scanning and penetration testing services designed to meeting both security and compliance mandates. The Virtual Auditor service includes consultative meetings to ensure each client understands how a threat could exploit a discovered vulnerability and the suggested mitigation technique to address the risk.

Application Audits

Application Audits

Most mission critical processes in today’s businesses are dependent on one or more applications to function. Consequently, each organization must ensure these applications are not vulnerable to the myriad threats that exist today. Virtual Auditor has developed proprietary application analysis tools and processes to interrogate applications and discover vulnerabilities. This process is designed to illuminate root causes of application security issues.

Risk Assessments

Risk Assessments (HIPAA, PCI, GLBA & NIST)

Most regulatory bodies and many laws require businesses, agencies and institutions to manage risk in a prescribed and responsible manner subject to intense federal and state examiner scrutiny. Risk management is a centerpiece of these mandates. Virtual Auditor assists its clients with the creation of risk assessments and risk management programs.

Policy Development & Compliance Cross Walks

Policy Development & Compliance Cross Walks

Security is manifested in the business domain through the creation and deployment of physical, logical (technical) and administrative controls. In many organizations, insufficient staff exists to adequately address the administrative controls typically found in organizational policy and procedure documents. Virtual Auditor has a comprehensive set of base policy documents mapped to the most demanding regulatory standards in today’s business environments. These documents can be acquired in a generic format saving organizations months of laborious effort. Or, Virtual Auditor can customize the documents to meet the specific needs of your organization.

In-House Audit Tools

In-House Audit Tools

Virtual Auditor's fully managed security service adds an IT security, compliance, and operations auditor to your team. This auditor comes with the best tools in the industry. You'll have vulnerability assessment, IDS, NAC, SIEM, portable media, malware detection, software inventory, and many more tools running in your environment almost immediately. All of these tools come together in the digital dashboard and security portal.

what our customers are saying

GMX Healthcare Systems

"With the VSOS appliance in place I can spend a lot less time worrying about network security and outside threats and a lot more time focused on my job. Virtual Auditor gives my entire IT department peace of mind."

Marcus Johnson  •  (Company Withheld)

"My greatest fear is a security breach that impacts our customers personal information. Virtual Auditor's appliance prevents and alerts us to potential cyber attacks and network breaches before they can become a problem."

Gloria Mansfield  •  (Company Withheld)