Compass IT Compliance

IT security, compliance, and risk management services firm founded in 2010.

Hybrid

GRC

Vulnerability Management

Security Operations

Visit Website

Compass IT Compliance

IT security, compliance, and risk management services firm founded in 2010.

Hybrid

GRC•GRC•Vulnerability Management•Security Operations

Visit Website

API

450+ Data Points Per Product and Company

Track competitive landscapes, evaluate vendor risk for investments, or find the right security stack for your clients.

Request Access

Compass IT Compliance Description

Compass IT Compliance is a nationwide IT security, compliance, and risk management firm founded in 2010 by William DePalma and Jerry Hughes. The company serves organizations of all sizes across multiple industries, including banking and finance, higher education, healthcare, online retail, and payment processing. The company's service portfolio is organized across several practice areas. Its audit and compliance division covers SOC 1, 2, and 3 reports, PCI DSS, NIST, and other regulatory frameworks. Penetration testing services are offered alongside a vulnerability management program that includes vulnerability assessments, web application scanning, API scanning, firewall security reviews, Microsoft 365 security assessments, endpoint detection and response (EDR), and wireless network assessments. Compass also operates a Virtual CISO (vCISO) division, which provides organizations with fractional executive-level security leadership. This division utilizes tools such as Qualys VMDR and Qualys mRoC for vulnerability management activities. A dedicated cybersecurity division, branded as Compass Cyber Guard, is led by an SVP of Cybersecurity. The company describes its approach as collaborative rather than a traditional pass-or-fail audit model, focusing on identifying vulnerabilities and building security awareness within client organizations. A notable portion of the company's staff — approximately 25% — are military veterans. The team collectively holds over 50 industry certifications, and executive members participate as speakers at industry events nationwide. Compass has been recognized as a Best Places to Work in Rhode Island recipient eight times and reports serving over 1,000 clients nationwide.