Compliance Kickstarter Program
Become audit-ready in 3 months!
We handhold you through every step of the process, helping you achieve compliance without the headache.
Jones IT is based in San Francisco and has helped over 100 startups and growing businesses across the Bay Area achieve and maintain SOC 2, ISO 27001, HIPAA, PCI DSS, and NIST compliance. We know the regulatory expectations that SF investors, enterprise customers, and auditors bring, and we have built a program specifically designed to get you there in 3 months without pulling your engineering or operations teams off their core work.
Trusted By 100s of Amazing Businesses
Let’s Start The Conversation
No pushy sales pitches, just a conversation about your Compliance needs and how we can support them.
Fill out the form and we’ll be in touch within one business day (typically much faster).
Core Offerings & Features
Step-by-step strategic plan to achieve your compliance goals.
Customized security policies and documentation.
Select the right MDM and EDR tools to secure your organization.
Educational modules for role-based security awareness training.
Identify and evaluate vulnerabilities; offer mitigation strategies to reduce risk.
Streamline responses for vendor security reviews.
What’s Included
- Initial framework gap assessment
- Roadmap and timeline development
- 9am–5pm PST compliance question support
- Policy development
- Liaise with auditor and pentester
- GRC platform management and setup
- Trust Center configuration
- Vendor management and reviews for existing vendors (limit 15 reviews)
- Templates/guidelines for processes and procedures
- Security training configuration and deployment
- Risk assessments
- Security questionnaires, RFPs (limit 2 per month)
- Incident response tabletop
What’s Not Included
- Security reviews for new vendors
- Configuration and deployment of systems like MDM, EDR, PW Manager, VPN, IDP
These are covered under our Cybersecurity and Compliance Management and Fully Managed IT services.
What To Do After The Program Period Ends?
Key Benefits of Our Compliance Kickstarter Program
The Compliance Kickstarter Program is purpose-built for the industries we know best, including AI startups, biotech and health companies, SaaS companies, fintech and crypto firms, and defense tech teams navigating CMMC and NIST requirements.
Gain the insight and full strategic value of a senior compliance expert at a fractional cost.
Benefit from the skills, experience, and expertise of an entire team, including GRC engineer, CISO, and PM.
Get your systems from chaos to compliant in just 3 months. Our comprehensive service streamlines the entire process.
Establish robust oversight of security, compliance, and infrastructure that inspires stakeholder trust and supports growth.
What Our Clients Say
Jones IT is SOC 2 Type 2 and ISO 27001 compliant, and HIPAA accredited.
You can learn about our security posture and request access to our security documentation here: https://trust.itjones.com/
We have extensive experience supporting organizations with compliance requirements, including SOC 2, HIPAA, ISO 27001, PCI DSS, NIST Cybersecurity Framework, NIST 800, FedRAMP, CMMC, ITAR, GDPR, CCPA, and many others.
The base fee is $5,000 per month for companies with up to 50 employees, for a total program cost of $15,000 over the 3-month engagement. For companies with more than 50 employees, or those pursuing more than one compliance framework simultaneously, we provide multi-framework management and support at an additional flat fee, regardless of company size or complexity. Contact us for a custom quote.
Frequently Asked Questions
Evan Jones
Jones IT CEO