Services & Pricing

Service packages designed to meet you where you are in your compliance journey. Each can be engaged independently or combined for end-to-end readiness support. See our methodology for how the readiness process works.

Readiness Sprint

2–4 weeks

Estimated range: $8,000–$25,000

Market-informed estimate — actual pricing depends on scope and complexity.

Deliverables

  • Qualified individual assessment and role gap analysis
  • Customer information inventory across all systems and storage locations
  • Risk assessment gap analysis against § 314.4(b) requirements
  • Safeguard evaluation covering access controls, encryption, MFA, and disposal
  • FTC Safeguards Rule compliance checklist with current-state ratings
  • Executive readout with prioritized remediation roadmap
Get Started

Remediation Program

4–12 weeks

Estimated range: $15,000–$60,000

Market-informed estimate — actual pricing depends on scope and complexity.

Deliverables

  • Written risk assessment development meeting § 314.4(b) requirements
  • Access control implementation with least-privilege design and review procedures
  • Encryption deployment plan for customer information in transit and at rest
  • MFA rollout across all customer information systems
  • Written incident response plan with FTC notification procedures
  • Vendor oversight program with assessment templates and contract language
  • Secure disposal procedures and documentation framework
Get Started

Audit Support

During assessment

Estimated range: $5,000–$20,000

Market-informed estimate — actual pricing depends on scope and complexity.

Deliverables

  • FTC examination preparation including document assembly and readiness review
  • Evidence assembly and quality assurance for all safeguard categories
  • Qualified individual board report preparation and review
  • Safeguard documentation organization and gap remediation
  • Examination response coordination and follow-up tracking
Get Started

Continuous Compliance

Ongoing (monthly)

Estimated range: $3,000–$10,000/mo

Market-informed estimate — actual pricing depends on scope and complexity.

Deliverables

  • Quarterly risk assessment updates reflecting new threats and system changes
  • Annual board reporting support for the qualified individual
  • Vendor reassessment coordination and tracking
  • Incident response plan testing and tabletop exercises
  • Regulatory change monitoring for FTC Safeguards Rule amendments and enforcement actions
  • Evidence calendar management and collection reminders
Get Started

Who Does What: RACI Matrix

A clear engagement model ensures that responsibilities are understood from day one. The matrix below shows who is Responsible (R), Accountable (A), Consulted (C), and Informed (I) for each workstream.

Workstream Founder / CEO CTO / VP Eng Security / Compliance Ops / COO HR Eng / SRE Reviewer
Approve scope and goals A C R C I I I
Control design and mapping I A R C C R C
Policy adoption A C R R C I I
Evidence collection I A R C C R I
Vendor management evidence I C R A I I I
Review coordination I C A/R C C C R