We handle the unglamorous work: inventory, control mapping, owner assignment, remediation, and clean evidence. No PDFs thrown over the wall. No generic policy packs. Just a trackable program you can show to leadership and auditors.
Built for school districts, municipalities, townships, libraries, and regional agencies.
We translate statute into a living plan with owners and evidence.
Policies, procedures, and decision records aligned to HB96 requirements.
Systems, vendors, data, and risks tracked with owners and due dates.
Logging, incident runbooks, notification steps, and after-action evidence.
Annual training mapped to roles, rosters of completion, and reminders.
Backups, restoration tests, payment restrictions, and escalation paths.
Exportable packets: policies, screenshots, logs, and sign-offs.
Clear artifacts you can hand to leadership or an auditor.
We map your inventory to HB96, assign owners, track remediation, and produce auditor-ready evidence packs.
Right-sized governance and security. We plan, assign, track, and collect evidence without enterprise bloat.
Short workshops to gather systems, vendors, and current practices.
Every control and task gets an accountable owner and due date.
Collect proof and keep it fresh with light-touch check-ins.
Secured Roots is operator-led cybersecurity and GRC for Ohio. We focus on practical implementation: getting the right controls in place, proving they work, and keeping them working. Less shelfware, more signal.