{"id":15152,"date":"2025-09-05T19:26:16","date_gmt":"2025-09-05T19:26:16","guid":{"rendered":"https:\/\/nmsconsulting.com\/?p=15152"},"modified":"2025-09-05T19:26:16","modified_gmt":"2025-09-05T19:26:16","slug":"it-compliance-consulting-guide-2025","status":"publish","type":"post","link":"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/","title":{"rendered":"IT Compliance Consulting Guide 2025: Security, Risk, Governance, SOC 2 and ISO 27001"},"content":{"rendered":"<!--themify_builder_content-->\n<div id=\"themify_builder_content-15152\" data-postid=\"15152\" class=\"themify_builder_content themify_builder_content-15152 themify_builder tf_clear\">\n                    <div  data-lazy=\"1\" class=\"module_row themify_builder_row tb_8ov0004 tb_first tf_w\">\n                        <div class=\"row_inner col_align_top tb_col_count_1 tf_box tf_rel\">\n                        <div  data-lazy=\"1\" class=\"module_column tb-column col-full tb_yx5l391 first\">\n                    <!-- module image -->\n<div  class=\"module module-image tb_5679902 image-center   tf_mw\" data-lazy=\"1\">\n        <div class=\"image-wrap tf_rel tf_mw\">\n            <img decoding=\"async\" src=\"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001-1024x683-950x633.jpg\" width=\"950\" height=\"633\" class=\"wp-post-image wp-image-15156\" title=\"IT Compliance Consulting Guide 2025: Security, Risk, Governance, SOC 2 and ISO 27001\" alt=\"IT Compliance Consulting Guide 2025: Security, Risk, Governance, SOC 2 and ISO 27001\" srcset=\"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001-1024x683-950x633.jpg 950w, https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001-300x200.jpg 300w, https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001-1024x683.jpg 1024w, https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001-768x512.jpg 768w, https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001-1536x1024.jpg 1536w, https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001-90x60.jpg 90w, https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001-1024x683-350x233.jpg 350w, https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001-1024x683-299x200.jpg 299w, https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001.jpg 1920w\" sizes=\"(max-width: 950px) 100vw, 950px\" \/>    \n        <\/div>\n    <!-- \/image-wrap -->\n    \n        <div class=\"image-content\">\n                        <div class=\"image-caption tb_text_wrap\">\n            IT Compliance Consulting Guide 2025: Security, Risk, Governance, SOC 2 and ISO 27001        <\/div>\n        <!-- \/image-caption -->\n            <\/div>\n    <!-- \/image-content -->\n        <\/div>\n<!-- \/module image --><!-- module text -->\n<div  class=\"module module-text tb_noq7220   \" data-lazy=\"1\">\n        <div  class=\"tb_text_wrap\">\n        <p><!-- ============================================================ NMS Consulting \u2014 IT Compliance Consulting Guide 2025 Security, Risk, Governance, SOC 2 and ISO 27001 Clean, snippet-friendly HTML with hardened CTAs and sources ============================================================ --><\/p>\n<p><meta name=\"description\" content=\"Plain definition of IT compliance consulting, what consultants do across security, risk, governance, SOC 2 and ISO 27001, and how to start in 90 days. Includes key numbers, FAQs, and links to related NMS guides.\"><br \/>\n<link rel=\"preconnect\" href=\"https:\/\/fonts.gstatic.com\" crossorigin>\n<meta name=\"robots\" content=\"index,follow,max-snippet:-1,max-image-preview:large\"><br \/>\n<!-- Keep URL stable; add this page to your XML sitemap and link from Services and Insights hubs. --><\/p>\n<style>\n  :root{ --brand:#8f0020; --ink:#1a1a1a; --wash:#faf7f8; }<br \/>\n  .nms-exec{ color:var(--ink); font-family:system-ui,-apple-system,Segoe UI,Roboto,Arial,sans-serif; line-height:1.6; }<br \/>\n  .nms-exec .container{ max-width:980px; margin:0 auto; padding:24px; }<\/p>\n<p>  \/* Meta band (no H1; your theme prints the page title) *\/<br \/>\n  .hero-band{ background:var(--wash); border-top:6px solid var(--brand); padding:18px 20px; border-radius:14px; margin:0 0 20px; box-shadow:0 1px 3px rgba(0,0,0,.05); }<br \/>\n  .byline{ font-size:.95rem; color:#555; margin:.25rem 0 0; }<br \/>\n  .dates{ font-size:.9rem; color:#666; margin:.1rem 0 0; }<\/p>\n<p>  \/* Reusable callouts *\/<br \/>\n  .answer-box{ background:#fff; border:2px solid var(--brand); border-radius:14px; padding:14px 16px; }<br \/>\n  .note{ background:var(--wash); border:2px solid var(--brand); border-radius:14px; padding:12px 14px; margin:20px 0; }<br \/>\n  .box{ background:#fff; border:2px solid var(--brand); border-radius:14px; padding:14px 16px; box-shadow:0 1px 2px rgba(0,0,0,.04); }<\/p>\n<p>  \/* Headings *\/<br \/>\n  h2{ font-size:1.45rem; line-height:1.25; margin:1.5em 0 .6em; }<br \/>\n  h3{ font-size:1.18rem; line-height:1.35; margin:1.1em 0 .45em; }<\/p>\n<p>  \/* KPI \/ evidence table *\/<br \/>\n  .pro-table{ width:100%; border-collapse:separate; border-spacing:0; margin:.6em 0 1.2em; table-layout:fixed; }<br \/>\n  .pro-table th, .pro-table td{ border:1px solid #ddd; padding:10px 12px; text-align:left; vertical-align:top; }<br \/>\n  .pro-table thead th{ background:var(--wash); }<br \/>\n  .pro-table caption{ caption-side:top; font-weight:700; margin:.2em 0 .5em; }<br \/>\n  .pro-table col.col-find{ width:48%; } .pro-table col.col-fig{ width:22%; } .pro-table col.col-src{ width:30%; }<\/p>\n<p>  \/* Stat grid *\/<br \/>\n  .stat-grid{ display:grid; grid-template-columns:repeat(auto-fit,minmax(220px,1fr)); gap:12px; margin:14px 0; }<br \/>\n  .stat{ border:1px solid #e6e6e6; border-radius:14px; padding:14px 16px; background:#fff; box-shadow:0 1px 3px rgba(0,0,0,.05); }<br \/>\n  .stat .value{ font-size:1.4rem; font-weight:800; color:var(--brand); letter-spacing:-.01em; font-variant-numeric:tabular-nums; }<br \/>\n  .stat .label{ font-size:.95rem; color:#444; }<\/p>\n<p>  \/* Links and hardened CTAs *\/<br \/>\n  a{ color:var(--brand); text-decoration-thickness:1.5px; text-underline-offset:3px; }<br \/>\n  a:hover{ opacity:.94; }<br \/>\n  a.cta, a.cta:link, a.cta:visited, .wp-element-button.cta, .wp-block-button__link.cta{<br \/>\n    background-color:var(--brand) !important; border:2px solid var(--brand) !important; color:#fff !important;<br \/>\n    display:inline-block !important; padding:12px 18px !important; text-decoration:none !important; border-radius:12px !important;<br \/>\n    font-weight:700 !important; line-height:1.2 !important; box-shadow:0 1px 3px rgba(0,0,0,.08) !important;<br \/>\n  }<br \/>\n  a.cta:hover{ opacity:.95 !important; }<\/p>\n<p>  .sources li{ word-break:break-word; }<\/p>\n<p>  @media (max-width:640px){<br \/>\n    .nms-exec .container{ padding:18px; }<br \/>\n    h2{ font-size:1.35rem; }<br \/>\n  }<br \/>\n<\/style>\n<p><!-- BlogPosting schema --><br \/>\n<script type=\"application\/ld+json\">\n{\n  \"@context\":\"https:\/\/schema.org\",\n  \"@type\":\"BlogPosting\",\n  \"headline\":\"IT Compliance Consulting Guide 2025: Security, Risk, Governance, SOC 2 and ISO 27001\",\n  \"description\":\"Plain definition of IT compliance consulting, what consultants do across security, risk, governance, SOC 2 and ISO 27001, and how to start in 90 days. Includes key numbers, FAQs, and links to related NMS guides.\",\n  \"datePublished\":\"2025-09-05\",\n  \"dateModified\":\"2025-09-05\",\n  \"author\":{\"@type\":\"Person\",\"name\":\"Aykut Cakir\"},\n  \"publisher\":{\"@type\":\"Corporation\",\"name\":\"NMS Consulting\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2020\/05\/NMS-Logo.png\"}},\n  \"mainEntityOfPage\":{\"@type\":\"WebPage\",\"@id\":\"https:\/\/nmsconsulting.com\/insights\/it-compliance-consulting-guide-2025\/\"}\n}\n<\/script><\/p>\n<p><!-- FAQ schema --><br \/>\n<script type=\"application\/ld+json\">\n{\n \"@context\":\"https:\/\/schema.org\",\n \"@type\":\"FAQPage\",\n \"mainEntity\":[\n   {\n     \"@type\":\"Question\",\n     \"name\":\"What is IT compliance consulting?\",\n     \"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"IT compliance consulting helps a company meet security, privacy, and industry rules by mapping standards to controls, closing gaps, and maintaining evidence. Typical focus areas include SOC 2, ISO 27001, NIST CSF, PCI DSS, HIPAA, and state privacy rules such as CPRA.\"}\n   },\n   {\n     \"@type\":\"Question\",\n     \"name\":\"How is cybersecurity different from data privacy?\",\n     \"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Cybersecurity protects systems and data from unauthorized access or loss. Data privacy governs how personal data is collected, used, shared, and retained. Compliance programs need both: technical safeguards and policy controls.\"}\n   }\n ]\n}\n<\/script><\/p>\n<div class=\"nms-exec\">\n<div class=\"container\">\n<p>    <!-- No H1 here; your theme prints the page title --><\/p>\n<section class=\"hero-band\" aria-label=\"Meta\">\n<p class=\"byline\">Author: Aykut Cakir<\/p>\n<p class=\"dates\">Published: <time datetime=\"2025-09-05\">2025-09-05<\/time> \u2022 Updated: <time datetime=\"2025-09-05\">2025-09-05<\/time><\/p>\n<\/section>\n<p>    <!-- Quick answer (40\u201360 words) --><\/p>\n<section class=\"answer-box\" aria-label=\"Quick answer\">\n      <strong>Quick answer:<\/strong><br \/>\n      IT compliance consulting maps standards to practical controls, closes audit gaps, and sets governance so your team can prove security and privacy on demand. Start with SOC 2 or ISO 27001 scope, align to NIST CSF, fix high-risk gaps, and stand up evidence workflows before auditor fieldwork.<br \/>\n    <\/section>\n<p style=\"margin:.8rem 0 1.1rem;\">Want a 90-day plan that aligns SOC 2, ISO 27001, and NIST CSF? <a class=\"cta\" href=\"https:\/\/nmsconsulting.com\/contact\/\">Talk to a consultant<\/a><\/p>\n<h2 id=\"what\">What IT Compliance Consultants Do<\/h2>\n<ul>\n<li><strong>Readiness and gap assessment.<\/strong> Map SOC 2 Trust Services Criteria and ISO 27001 requirements to current controls, prioritize remediations, and create an evidence plan.<\/li>\n<li><strong>ISMS and policies.<\/strong> Build an ISO 27001 Information Security Management System, risk register, statement of applicability, and control owners.<\/li>\n<li><strong>Audit support.<\/strong> Prepare artifacts, system descriptions, and control narratives for SOC 2 Type 1 and Type 2, then liaise with auditors.<\/li>\n<li><strong>Privacy and sector rules.<\/strong> Align HIPAA Security Rule safeguards, CPRA program needs, and FTC Safeguards Rule updates with security controls.<\/li>\n<li><strong>Continuous governance.<\/strong> Quarterly testing, vendor risk reviews, incident response drills, training, and board-ready reporting.<\/li>\n<\/ul>\n<h2 id=\"why-now\">Why It Matters in 2025<\/h2>\n<div class=\"stat-grid\" aria-label=\"Headline stats\">\n<div class=\"stat\">\n<div class=\"value\">$4.44M<\/div>\n<div class=\"label\">Average global data breach cost in 2025; $10.22M in the U.S.<\/div>\n<\/div>\n<div class=\"stat\">\n<div class=\"value\">2.0<\/div>\n<div class=\"label\">NIST CSF adds a Govern function that strengthens oversight<\/div>\n<\/div>\n<div class=\"stat\">\n<div class=\"value\">v4.0.1<\/div>\n<div class=\"label\">PCI DSS updates emphasize continuous controls<\/div>\n<\/div>\n<div class=\"stat\">\n<div class=\"value\">ISO 27001<\/div>\n<div class=\"label\">2024 amendment published; ISMS remains the anchor for control sets<\/div>\n<\/div>\n<\/div>\n<section class=\"note\" aria-label=\"Key numbers\">\n<table class=\"pro-table\">\n<caption><strong>Key Numbers and References<\/strong><\/caption>\n<colgroup>\n<col class=\"col-find\">\n<col class=\"col-fig\">\n<col class=\"col-src\"><\/colgroup>\n<thead>\n<tr>\n<th scope=\"col\">Finding<\/th>\n<th scope=\"col\">Figure<\/th>\n<th scope=\"col\">Source<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Average global breach cost, U.S. breach cost<\/td>\n<td><a href=\"https:\/\/www.ibm.com\/reports\/data-breach\" rel=\"noopener\">$4.44M<\/a> global; <a href=\"https:\/\/newsroom.ibm.com\/2025-07-30-ibm-report-13-of-organizations-reported-breaches-of-ai-models-or-applications%2C-97-of-which-reported-lacking-proper-ai-access-controls\" rel=\"noopener\">$10.22M U.S.<\/a><\/td>\n<td>IBM Cost of a Data Breach 2025<\/td>\n<\/tr>\n<tr>\n<td>NIST CSF adds a <em>Govern<\/em> function in version 2.0<\/td>\n<td><a href=\"https:\/\/www.nist.gov\/news-events\/news\/2024\/02\/nist-releases-version-20-landmark-cybersecurity-framework\" rel=\"noopener\">Identify, Protect, Detect, Respond, Recover, Govern<\/a><\/td>\n<td>NIST news release, 2024<\/td>\n<\/tr>\n<tr>\n<td>ISO\/IEC 27001 remains the ISMS baseline; 2024 amendment published<\/td>\n<td><a href=\"https:\/\/www.iso.org\/standard\/27001\" rel=\"noopener\">ISO\/IEC 27001:2022<\/a>; <a href=\"https:\/\/www.iso.org\/standard\/88435.html\" rel=\"noopener\">Amd 1:2024<\/a><\/td>\n<td>ISO<\/td>\n<\/tr>\n<tr>\n<td>PCI DSS current version and updates<\/td>\n<td><a href=\"https:\/\/www.pcisecuritystandards.org\/standards\/pci-dss\/\" rel=\"noopener\">PCI DSS<\/a> <a href=\"https:\/\/www.pcisecuritystandards.org\/document_library\/\" rel=\"noopener\">v4.0.1<\/a><\/td>\n<td>PCI SSC, 2024<\/td>\n<\/tr>\n<tr>\n<td>HIPAA Security Rule safeguards categories<\/td>\n<td><a href=\"https:\/\/www.hhs.gov\/hipaa\/for-professionals\/security\/laws-regulations\/index.html\" rel=\"noopener\">Administrative, physical, technical<\/a><\/td>\n<td>HHS<\/td>\n<\/tr>\n<tr>\n<td>SEC cybersecurity disclosure requirements for public companies<\/td>\n<td><a href=\"https:\/\/www.sec.gov\/newsroom\/press-releases\/2023-139\" rel=\"noopener\">Incident and governance disclosures<\/a><\/td>\n<td>SEC final rules, 2023<\/td>\n<\/tr>\n<tr>\n<td>California Privacy Rights Act regulations and enforcement<\/td>\n<td><a href=\"https:\/\/cppa.ca.gov\/regulations\/consumer_privacy_act.html\" rel=\"noopener\">CCPA regs effective 2023<\/a> and <a href=\"https:\/\/cppa.ca.gov\/about_us\/\" rel=\"noopener\">CPPA overview<\/a><\/td>\n<td>CPPA<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p style=\"margin:.6em 0 0; font-size:.92rem;\">These references show why aligning security, privacy, and audit evidence is a 2025 priority for SaaS, healthcare, fintech, and retail teams.<\/p>\n<\/section>\n<h2 id=\"frameworks\">Core Standards and How They Fit Together<\/h2>\n<ul>\n<li><strong>SOC 2.<\/strong> Attestation over controls for security, availability, processing integrity, confidentiality, and privacy. See <a href=\"https:\/\/www.aicpa.org\/topic\/audit-assurance\/audit-and-assurance-greater-than-soc-2\" rel=\"noopener\">AICPA SOC 2<\/a> and <a href=\"https:\/\/www.aicpa.org\/resources\/download\/2017-trust-services-criteria-with-revised-points-of-focus-2022\" rel=\"noopener\">Trust Services Criteria<\/a>.<\/li>\n<li><strong>ISO 27001.<\/strong> An ISMS that defines policy, risk treatment, controls, and continuous improvement. Start with scope and risk, then implement Annex A controls. See <a href=\"https:\/\/www.iso.org\/standard\/27001\" rel=\"noopener\">ISO 27001<\/a>.<\/li>\n<li><strong>NIST CSF 2.0.<\/strong> A flexible framework to organize risk work. Use it to inventory, govern, and improve controls. See <a href=\"https:\/\/nvlpubs.nist.gov\/nistpubs\/CSWP\/NIST.CSWP.29.pdf\" rel=\"noopener\">CSF 2.0<\/a>.<\/li>\n<li><strong>PCI DSS.<\/strong> Required when handling cardholder data. Align network segmentation, encryption, monitoring, and testing with <a href=\"https:\/\/www.pcisecuritystandards.org\/standards\/pci-dss\/\" rel=\"noopener\">PCI DSS<\/a>.<\/li>\n<li><strong>HIPAA Security Rule.<\/strong> Safeguards for ePHI; pair with workforce training and vendor controls. See <a href=\"https:\/\/www.hhs.gov\/hipaa\/for-professionals\/security\/index.html\" rel=\"noopener\">HHS<\/a>.<\/li>\n<li><strong>CPRA.<\/strong> A California privacy regime enforced by CPPA; operationalize consent, rights, and retention. See <a href=\"https:\/\/cppa.ca.gov\/regulations\/\" rel=\"noopener\">CPPA regulations<\/a>.<\/li>\n<\/ul>\n<h2 id=\"services\">Typical IT Compliance Consulting Services<\/h2>\n<ul>\n<li><strong>Readiness and roadmaps.<\/strong> SOC 2 Type 1 and Type 2 readiness, ISO 27001 gap and ISMS plan, PCI DSS scope reduction.<\/li>\n<li><strong>Policies and procedures.<\/strong> Access control, incident response, vendor risk, secure development, encryption, data retention.<\/li>\n<li><strong>Risk and governance.<\/strong> Risk assessments, control testing, board KPIs, and audit committee reporting.<\/li>\n<li><strong>Privacy program build.<\/strong> Data mapping, consent flows, subject rights, retention schedules, CPRA notices.<\/li>\n<li><strong>Continuous assurance.<\/strong> Evidence collection, control monitoring, quarterly reviews, tabletop exercises.<\/li>\n<\/ul>\n<p class=\"box\"><strong>Need hands-on help?<\/strong> Our <a href=\"https:\/\/nmsconsulting.com\/cybersecurity-data-privacy\/\">cybersecurity and data privacy<\/a> team pairs <a href=\"https:\/\/nmsconsulting.com\/digital-and-technology\/\">digital and technology<\/a> with <a href=\"https:\/\/nmsconsulting.com\/risk-management\/\">risk management<\/a> to move from plan to audit-ready execution. <a class=\"cta\" href=\"https:\/\/nmsconsulting.com\/contact\/\">Book a discovery call<\/a><\/p>\n<h2 id=\"start\">How to Start in 90 Days<\/h2>\n<ol>\n<li><strong>Scope and baseline.<\/strong> Pick SOC 2 or ISO 27001 scope, list in-scope systems and vendors, and pull current evidence.<\/li>\n<li><strong>Fix the top gaps.<\/strong> Multi-factor coverage, logging, backup and recovery tests, vulnerability management, and encryption at rest and in transit.<\/li>\n<li><strong>Stand up governance.<\/strong> Create a quarterly control review, incident drill, and vendor risk cadence; map to NIST CSF functions.<\/li>\n<li><strong>Prepare for audit.<\/strong> Lock descriptions and policies, assign control owners, and schedule the auditor window.<\/li>\n<\/ol>\n<h2 id=\"faq\">FAQ<\/h2>\n<h3>What is an IT compliance consultant?<\/h3>\n<p>    A practitioner who translates standards into workable controls, closes gaps, and prepares evidence so your company passes audits and proves trust to customers.<\/p>\n<h3>How is cybersecurity different from data privacy?<\/h3>\n<p>    Cybersecurity protects systems and data. Privacy governs how personal data is collected, used, shared, and retained. Programs need both.<\/p>\n<h3>Which standard should we start with?<\/h3>\n<p>    SaaS teams often start with SOC 2 for customer trust; global or regulated teams may prioritize ISO 27001 for ISMS structure. Many align both to NIST CSF.<\/p>\n<h3>How long does SOC 2 Type 2 take?<\/h3>\n<p>    Commonly 3 to 6 months of remediation and evidence collection, plus a 3 to 12 month operating window depending on scope and maturity.<\/p>\n<h2 id=\"related\">Related Reading<\/h2>\n<ul>\n<li><a href=\"https:\/\/nmsconsulting.com\/cybersecurity-data-privacy\/\">Cybersecurity and Data Privacy Services<\/a><\/li>\n<li><a href=\"https:\/\/nmsconsulting.com\/what-does-a-data-privacy-consultant-do\/\">What Does a Data Privacy Consultant Do?<\/a><\/li>\n<li><a href=\"https:\/\/nmsconsulting.com\/insights\/california-privacy-rights-act\/\">What Is the CPRA?<\/a><\/li>\n<li><a href=\"https:\/\/nmsconsulting.com\/risk-management\/\">Risk Management Services<\/a><\/li>\n<li><a href=\"https:\/\/nmsconsulting.com\/insights\/what-is-risk-management-consulting\/\">What Is Risk Management Consulting?<\/a><\/li>\n<li><a href=\"https:\/\/nmsconsulting.com\/digital-and-technology\/\">Digital and Technology Consulting<\/a><\/li>\n<li><a href=\"https:\/\/nmsconsulting.com\/change-management\/\">Change Management Services<\/a><\/li>\n<\/ul>\n<div class=\"box\" aria-label=\"CTA box\">\n      <strong>Ready to align SOC 2, ISO 27001, and NIST CSF?<\/strong><br \/>\n      We can scope, fix top gaps, and prepare audit evidence on a 90-day clock.<br \/>\n      <a class=\"cta\" href=\"https:\/\/nmsconsulting.com\/contact\/\">Request an IT compliance review<\/a>\n    <\/div>\n<h2 id=\"sources\">Sources<\/h2>\n<ul class=\"sources\">\n<li>IBM. Cost of a Data Breach 2025. https:\/\/www.ibm.com\/reports\/data-breach<\/li>\n<li>IBM Newsroom. U.S. cost and AI notes. https:\/\/newsroom.ibm.com\/2025-07-30-ibm-report-13-of-organizations-reported-breaches-of-ai-models-or-applications%2C-97-of-which-reported-lacking-proper-ai-access-controls<\/li>\n<li>NIST. CSF 2.0 news. https:\/\/www.nist.gov\/news-events\/news\/2024\/02\/nist-releases-version-20-landmark-cybersecurity-framework<\/li>\n<li>NIST. CSF 2.0 document. https:\/\/nvlpubs.nist.gov\/nistpubs\/CSWP\/NIST.CSWP.29.pdf<\/li>\n<li>ISO. ISO\/IEC 27001 overview. https:\/\/www.iso.org\/standard\/27001<\/li>\n<li>ISO. ISO\/IEC 27001:2022\/Amd 1:2024. https:\/\/www.iso.org\/standard\/88435.html<\/li>\n<li>AICPA. SOC 2 overview and Trust Services Criteria. https:\/\/www.aicpa.org\/topic\/audit-assurance\/audit-and-assurance-greater-than-soc-2<\/li>\n<li>PCI Security Standards Council. PCI DSS and docs. https:\/\/www.pcisecuritystandards.org\/standards\/pci-dss\/ and https:\/\/www.pcisecuritystandards.org\/document_library\/<\/li>\n<li>HHS. HIPAA Security Rule summary. https:\/\/www.hhs.gov\/hipaa\/for-professionals\/security\/laws-regulations\/index.html<\/li>\n<li>SEC. Final cybersecurity disclosure rules. https:\/\/www.sec.gov\/newsroom\/press-releases\/2023-139<\/li>\n<li>CPPA. CCPA regulations and CPRA overview. https:\/\/cppa.ca.gov\/regulations\/consumer_privacy_act.html and https:\/\/cppa.ca.gov\/about_us\/<\/li>\n<\/ul>\n<footer><a class=\"cta\" href=\"https:\/\/nmsconsulting.com\/contact\/\">Speak with an IT compliance consultant<\/a><\/footer>\n<\/div>\n<\/div>\n    <\/div>\n<\/div>\n<!-- \/module text --><!-- module text -->\n<div  class=\"module module-text tb_jugz444   \" data-lazy=\"1\">\n        <div  class=\"tb_text_wrap\">\n        <p><u><br><br><br>About the Author<\/u><\/p>    <\/div>\n<\/div>\n<!-- \/module text -->        <\/div>\n                        <\/div>\n        <\/div>\n                        <div  data-lazy=\"1\" class=\"module_row themify_builder_row tb_6vo0027 tf_w\">\n                        <div class=\"row_inner col_align_top tb_col_count_2 tf_box tf_rel\">\n                        <div  data-lazy=\"1\" class=\"module_column tb-column tb_bdpf900 first\">\n                            <\/div>\n                    <div  data-lazy=\"1\" class=\"module_column tb-column tb_16b2200 last\">\n                            <\/div>\n                        <\/div>\n        <\/div>\n                        <div  data-lazy=\"1\" class=\"module_row themify_builder_row tb_3c10240 tf_w\">\n                        <div class=\"row_inner col_align_top tb_col_count_2 tf_box tf_rel\">\n                        <div  data-lazy=\"1\" class=\"module_column tb-column tb_5jj4036 first\">\n                    <!-- module image -->\n<div  class=\"module module-image tb_zf4a340 image-top   tf_mw\" data-lazy=\"1\">\n        <div class=\"image-wrap tf_rel tf_mw\">\n            <a href=\"https:\/\/nmsconsulting.com\/team\/aykut-cakir\/\">\n                   <img decoding=\"async\" src=\"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2021\/08\/aykut-new2-100x100.jpg\" width=\"100\" height=\"100\" class=\"wp-post-image wp-image-8025\" title=\"Aykut Cakir\" alt=\"Aykut Cakir\" srcset=\"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2021\/08\/aykut-new2-100x100.jpg 100w, https:\/\/nmsconsulting.com\/wp-content\/uploads\/2021\/08\/aykut-new2-300x300.jpg 300w, https:\/\/nmsconsulting.com\/wp-content\/uploads\/2021\/08\/aykut-new2-250x250.jpg 250w, https:\/\/nmsconsulting.com\/wp-content\/uploads\/2021\/08\/aykut-new2-200x200.jpg 200w\" sizes=\"(max-width: 100px) 100vw, 100px\" \/>        <\/a>\n    \n        <\/div>\n    <!-- \/image-wrap -->\n    \n        <div class=\"image-content\">\n                    <h2 class=\"image-title\">\n                                    <a href=\"https:\/\/nmsconsulting.com\/team\/aykut-cakir\/\">\n                        Aykut Cakir                    <\/a>\n                            <\/h2>\n                    <\/div>\n    <!-- \/image-content -->\n        <\/div>\n<!-- \/module image -->        <\/div>\n                    <div  data-lazy=\"1\" class=\"module_column tb-column tb_s0hp440 last\">\n                    <!-- module text -->\n<div  class=\"module module-text tb_jny4930   \" data-lazy=\"1\">\n        <div  class=\"tb_text_wrap\">\n        <p><a href=\"https:\/\/nmsconsulting.com\/team\/aykut-cakir\">Aykut Cakir<\/a>, Senior Partner and Chief Executive Officer, has a demonstrated history in negotiations, business planning, business development. He has served as a Finance Director for gases &amp; energy, pharmaceuticals, retail, FMCG, and automotive industries. He has collaborated closely with client leadership to co-create a customized operating model tailored to the unique needs of each project segment in the region. Aykut conducted workshops focused on developing effective communication strategies to ensure team alignment with new operating models and organizational changes.\u00a0<\/p>    <\/div>\n<\/div>\n<!-- \/module text -->        <\/div>\n                        <\/div>\n        <\/div>\n        <\/div>\n<!--\/themify_builder_content-->\r\n\r\n\r\n\r\n<p>&nbsp;<\/p>\r\n\r\n<p>&nbsp;<\/p>","protected":false},"excerpt":{"rendered":"<p>IT compliance consulting for SOC 2, ISO 27001, HIPAA, PCI and GDPR. Gap assessments, risk management, policies, audits, tooling and a 90 day plan.<\/p>\n","protected":false},"author":4,"featured_media":15156,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[421,68,22,436,69,1],"tags":[],"class_list":["post-15152","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-change-management","category-corp-ad","category-insights","category-it","category-mgmt-con","category-nms","has-post-title","has-post-date","has-post-category","has-post-tag","has-post-comment","has-post-author",""],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>IT Compliance Consulting: Security, Risk &amp; Governance<\/title>\n<meta name=\"description\" content=\"IT compliance consulting for SOC 2, ISO 27001, HIPAA, PCI and GDPR. Gap assessments, risk management, policies, audits, tooling and a 90 day plan.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"IT Compliance Consulting: Security, Risk &amp; Governance\" \/>\n<meta property=\"og:description\" content=\"IT compliance consulting for SOC 2, ISO 27001, HIPAA, PCI and GDPR. Gap assessments, risk management, policies, audits, tooling and a 90 day plan.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/\" \/>\n<meta property=\"og:site_name\" content=\"NMS Consulting\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-05T19:26:16+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1280\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Arthur Mansourian\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@NMSConsultingBH\" \/>\n<meta name=\"twitter:site\" content=\"@NMSConsultingBH\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Arthur Mansourian\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/\"},\"author\":{\"name\":\"Arthur Mansourian\",\"@id\":\"https:\/\/nmsconsulting.com\/#\/schema\/person\/32bbbcba1bcf4b036770df81350721af\"},\"headline\":\"IT Compliance Consulting Guide 2025: Security, Risk, Governance, SOC 2 and ISO 27001\",\"datePublished\":\"2025-09-05T19:26:16+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/\"},\"wordCount\":1067,\"publisher\":{\"@id\":\"https:\/\/nmsconsulting.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001.jpg\",\"articleSection\":[\"Change Management\",\"Corporate Advisory\",\"Insights\",\"IT\",\"Management Consulting\",\"NMS\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/\",\"url\":\"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/\",\"name\":\"IT Compliance Consulting: Security, Risk & Governance\",\"isPartOf\":{\"@id\":\"https:\/\/nmsconsulting.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001.jpg\",\"datePublished\":\"2025-09-05T19:26:16+00:00\",\"description\":\"IT compliance consulting for SOC 2, ISO 27001, HIPAA, PCI and GDPR. Gap assessments, risk management, policies, audits, tooling and a 90 day plan.\",\"breadcrumb\":{\"@id\":\"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/#primaryimage\",\"url\":\"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001.jpg\",\"contentUrl\":\"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001.jpg\",\"width\":1920,\"height\":1280,\"caption\":\"IT Compliance Consulting Guide 2025: Security, Risk, Governance, SOC 2 and ISO 27001\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/nmsconsulting.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NMS\",\"item\":\"https:\/\/nmsconsulting.com\/nms\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"IT Compliance Consulting Guide 2025: Security, Risk, Governance, SOC 2 and ISO 27001\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/nmsconsulting.com\/#website\",\"url\":\"https:\/\/nmsconsulting.com\/\",\"name\":\"NMS Consulting\",\"description\":\"A Vision for Solutions\",\"publisher\":{\"@id\":\"https:\/\/nmsconsulting.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/nmsconsulting.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/nmsconsulting.com\/#organization\",\"name\":\"NMS Consulting, Inc.\",\"url\":\"https:\/\/nmsconsulting.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/nmsconsulting.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2019\/03\/Logo-Full-Color-copy-cropped.png\",\"contentUrl\":\"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2019\/03\/Logo-Full-Color-copy-cropped.png\",\"width\":1920,\"height\":1612,\"caption\":\"NMS Consulting, Inc.\"},\"image\":{\"@id\":\"https:\/\/nmsconsulting.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/NMSConsultingBH\",\"https:\/\/www.instagram.com\/nmsglobal\/\",\"https:\/\/www.linkedin.com\/company\/nms-consulting-inc\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/nmsconsulting.com\/#\/schema\/person\/32bbbcba1bcf4b036770df81350721af\",\"name\":\"Arthur Mansourian\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/nmsconsulting.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/aa34b51e194cd6f842877704f0b70bfc92606c57a35c98cd948ae6c9bbce8639?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/aa34b51e194cd6f842877704f0b70bfc92606c57a35c98cd948ae6c9bbce8639?s=96&d=mm&r=g\",\"caption\":\"Arthur Mansourian\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"IT Compliance Consulting: Security, Risk & Governance","description":"IT compliance consulting for SOC 2, ISO 27001, HIPAA, PCI and GDPR. Gap assessments, risk management, policies, audits, tooling and a 90 day plan.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/","og_locale":"en_US","og_type":"article","og_title":"IT Compliance Consulting: Security, Risk & Governance","og_description":"IT compliance consulting for SOC 2, ISO 27001, HIPAA, PCI and GDPR. Gap assessments, risk management, policies, audits, tooling and a 90 day plan.","og_url":"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/","og_site_name":"NMS Consulting","article_published_time":"2025-09-05T19:26:16+00:00","og_image":[{"width":1920,"height":1280,"url":"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001.jpg","type":"image\/jpeg"}],"author":"Arthur Mansourian","twitter_card":"summary_large_image","twitter_creator":"@NMSConsultingBH","twitter_site":"@NMSConsultingBH","twitter_misc":{"Written by":"Arthur Mansourian","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/#article","isPartOf":{"@id":"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/"},"author":{"name":"Arthur Mansourian","@id":"https:\/\/nmsconsulting.com\/#\/schema\/person\/32bbbcba1bcf4b036770df81350721af"},"headline":"IT Compliance Consulting Guide 2025: Security, Risk, Governance, SOC 2 and ISO 27001","datePublished":"2025-09-05T19:26:16+00:00","mainEntityOfPage":{"@id":"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/"},"wordCount":1067,"publisher":{"@id":"https:\/\/nmsconsulting.com\/#organization"},"image":{"@id":"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001.jpg","articleSection":["Change Management","Corporate Advisory","Insights","IT","Management Consulting","NMS"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/","url":"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/","name":"IT Compliance Consulting: Security, Risk & Governance","isPartOf":{"@id":"https:\/\/nmsconsulting.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/#primaryimage"},"image":{"@id":"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/#primaryimage"},"thumbnailUrl":"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001.jpg","datePublished":"2025-09-05T19:26:16+00:00","description":"IT compliance consulting for SOC 2, ISO 27001, HIPAA, PCI and GDPR. Gap assessments, risk management, policies, audits, tooling and a 90 day plan.","breadcrumb":{"@id":"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/#primaryimage","url":"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001.jpg","contentUrl":"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2025\/09\/IT-Compliance-Consulting-Guide-2025-Security-Risk-Governance-SOC-2-and-ISO-27001.jpg","width":1920,"height":1280,"caption":"IT Compliance Consulting Guide 2025: Security, Risk, Governance, SOC 2 and ISO 27001"},{"@type":"BreadcrumbList","@id":"https:\/\/nmsconsulting.com\/it-compliance-consulting-guide-2025\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nmsconsulting.com\/"},{"@type":"ListItem","position":2,"name":"NMS","item":"https:\/\/nmsconsulting.com\/nms\/"},{"@type":"ListItem","position":3,"name":"IT Compliance Consulting Guide 2025: Security, Risk, Governance, SOC 2 and ISO 27001"}]},{"@type":"WebSite","@id":"https:\/\/nmsconsulting.com\/#website","url":"https:\/\/nmsconsulting.com\/","name":"NMS Consulting","description":"A Vision for Solutions","publisher":{"@id":"https:\/\/nmsconsulting.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nmsconsulting.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/nmsconsulting.com\/#organization","name":"NMS Consulting, Inc.","url":"https:\/\/nmsconsulting.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/nmsconsulting.com\/#\/schema\/logo\/image\/","url":"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2019\/03\/Logo-Full-Color-copy-cropped.png","contentUrl":"https:\/\/nmsconsulting.com\/wp-content\/uploads\/2019\/03\/Logo-Full-Color-copy-cropped.png","width":1920,"height":1612,"caption":"NMS Consulting, Inc."},"image":{"@id":"https:\/\/nmsconsulting.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/NMSConsultingBH","https:\/\/www.instagram.com\/nmsglobal\/","https:\/\/www.linkedin.com\/company\/nms-consulting-inc\/"]},{"@type":"Person","@id":"https:\/\/nmsconsulting.com\/#\/schema\/person\/32bbbcba1bcf4b036770df81350721af","name":"Arthur Mansourian","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/nmsconsulting.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/aa34b51e194cd6f842877704f0b70bfc92606c57a35c98cd948ae6c9bbce8639?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/aa34b51e194cd6f842877704f0b70bfc92606c57a35c98cd948ae6c9bbce8639?s=96&d=mm&r=g","caption":"Arthur Mansourian"}}]}},"_links":{"self":[{"href":"https:\/\/nmsconsulting.com\/wp-json\/wp\/v2\/posts\/15152","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nmsconsulting.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nmsconsulting.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nmsconsulting.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/nmsconsulting.com\/wp-json\/wp\/v2\/comments?post=15152"}],"version-history":[{"count":7,"href":"https:\/\/nmsconsulting.com\/wp-json\/wp\/v2\/posts\/15152\/revisions"}],"predecessor-version":[{"id":15161,"href":"https:\/\/nmsconsulting.com\/wp-json\/wp\/v2\/posts\/15152\/revisions\/15161"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nmsconsulting.com\/wp-json\/wp\/v2\/media\/15156"}],"wp:attachment":[{"href":"https:\/\/nmsconsulting.com\/wp-json\/wp\/v2\/media?parent=15152"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nmsconsulting.com\/wp-json\/wp\/v2\/categories?post=15152"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nmsconsulting.com\/wp-json\/wp\/v2\/tags?post=15152"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}