Cybersecurity Regulations Are Growing.

Compliance requires demonstrating an effective level diligence.

Download Whitepaper

New York and Colorado’s cybersecurity regulations are setting a new standard of care.

Companies must take a risk-based approach to protecting systems and data. There are three essential and foundational steps that need to be addressed to demonstrate diligence and meet your obligations.


Request A Demo

Three Cybersecurity Essentials

Data Mapping

You can’t protect sensitive data if you don’t know where it exists and how it’s moving around. Gain critical insights with accurate, comprehensive data maps in 45 days

Data Minimization

Companies must routinely delete data based on an approved retention schedule.  Leverage proven retention standards and launch a world-class program in 45 days.

Third-Party Diligence

You are accountable for all vendors with access to your systems and data.  Assess all your vendors and demonstrate evidence of controls with the ACC Vendor Risk Service.

The Assessment for Information Risks

Get the Critical Datamaps You Need in 30 Days.
You can’t comply with cybersecurity regulations if you don’t know where personal and confidential data exists. Get comprehensive data maps covering all the critical elements so you can take action and address risks.

A Proven Process

We are the experts at developing data maps and uncovering hidden risks without disrupting your business. Our automation and industry-specific standards make your project fast, accurate and efficient.

 Data Maps

Gain insights into information risks and be ready to take action.  We deliver over a dozen data maps that identify what sensitive data you have, where it exists and how it's moving around.


Third-Party Access

Identify where personal and confidential data is being accesses and shared with third parties so you can ensure appropriate oversight and safeguards are in place.

Data Minimization Opportunities

Retention of personal data must be limited to a strict minimum. Use our data minimization reports to identify records that are over-retained and tagged with personal and sensitive data.

Executive Level Insights

Keep management informed and on track. Our renowned executive highlights presentation provides a briefing on risks and recommendations for next steps to keep your program moving.

Effective & Defensible

Off-the shelf, empty programs are insufficient. Our process is tightly structured and proven with hundreds of leading companies. You get predictable deliverables so you can meet your obligations.

Records Management Standards

Proven Retention Rules. Perfectly Enforced.
Retention of personal data must be kept to a strict minimum.
Establish a world-class retention program built on proven industry standards in less than 60 days.

A Trusted Partner

More than 1,000 companies have relied on us to develop actionable retention rules. We help you stand up a world-class program and dispose of obsolete data in 45 days leveraging our experience and best practices.

 Actionable Retention Rules

Meet your obligations to minimize data using proven, industry-specific retention rules that are tailored to meet your unique business needs.

The Right Policies

Get the required policies in place to protect your data and your company. Over a dozen critical policy templates are included and ready to be deployed.

Data Minimization Strategies

Retention rules only work if you deploy and enforce them. We provide actionable email retention guidelines and deletion strategies for all media types.

A Defensible Program

Communicate your policies, security guidelines, program reminders, disposal notices and legal holds to the right people with compliance-verified process.

Fully Supported

Your program is fully supported by Jordan Lawrence. Our web-based technology combined with our professional services team ensures your program is up and running quickly.


ACC Vendor Risk Service (VRS) is a powerful, cloud-based service that automates the third-party diligence process, saving companies time and money, while increasing their bandwidth.

Your IT and procurement teams will love the tremendous efficiency VRS delivers and your executive team and directors will appreciate VRS's effectiveness.

This robust platform...
  • Replaces error prone, resource intensive manual process.
  • Allows efficient diligence on any number of third-party vendors at once.
  • Helps identify and monitor the critical risks and vulnerabilities third-party vendors pose so you can protect sensitive company data.
  • Provides standards and processes to reduce risks.
  • Includes a centralized document repository.
  • Creates an audit trail.


Leverage powerful technology to expand the reach and effectiveness of your vendor due diligence efforts.



Incorporate the Law Firm Survey standard (based on the ACC Model Controls) to help identify some of your most pressing risks.



All our survey standards are based on recognized cyber security standards and designed for fast, accurate responses from your vendors.



Your largest vendors are not your greatest risk. Use the Vendor Risk Profile standard to assess your presumed "low risk" vendors.

Ready To Talk?