HECVAT: 26LLC and WCOnline

[Velislav K Pavlov <VelislavPavlov () FERRIS EDU>]

Good afternoon,

We are reviewing the WCOnline writing service by 26LLC. They provided HECVAT answers, which is great as we did not have 
to ask for it. Before we can finish our risk assessment, there are some outstanding considerations:

*         Evidence of continuous vulnerability detection and remediation capabilities

*         Evidence of continuous intrusion detection and prevention capabilities

*         The HECVAT is not accompanied by AICPA SSAE16, ISO, CSA CAIQ or related qualified third party attestation of 
risk assessment and adequate remediation

*         The vendor listed in HECVAT that they would not allow for us to engage in assessment of their infrastructure 
citing terms of use


If you have completed risk assessment of this provider, I will appreciate sharing your experience and conclusions. 
Thank you.

Vel Pavlov | Coordinator, IT Security
M.Sc. ISM, CISSP, C|HFI, C|EH, C)PTE,
Security+, CNA, MPCS, ITILv3F, A+
Big Rapids, MI 49307