who is

Jim Comer?

ISO 9001 and SOC 2 consultant providing turn‑key, operator‑grade governance to small and medium‑sized businesses.

Before launching JimComer.net, I served as Vice President of Information Governance for a national provider of enterprise eDiscovery and governance programs. In that role, I led the sale and deployment of governance solutions in the enterprise space and oversaw a business unit responsible for structured controls, audit‑ready operations, and certification outcomes including SOC 2 Type II and ISO 27001. That work required real accountability in control design, evidence pathways, documentation alignment, and the operational discipline that determines whether an organization scales, stalls, or exposes itself to risk. That same discipline now anchors the governance services I deliver from Fernley, Nevada.

Information Governance as the Foundation

Information Governance is the discipline that aligns policy, process, and accountability across an organization. Most service providers do not have it. They store information everywhere — shared drives, inboxes, unmanaged repositories — creating blind spots, PII exposure, and operational fragility.

With unstructured data often representing 80 percent of what an organization holds, the absence of governance becomes a vector of exploit. IG provides the structure: classification, defensible delete, access control, documentation alignment, and the cross‑functional discipline that keeps information secure, discoverable, and auditable.

ISO 9001 as a Valuation Multiplier

ISO 9001 is the clearest signal of operational maturity a small service organization can send. It demonstrates documented processes, repeatable execution, corrective‑action discipline, and management accountability.

For buyers, auditors, and acquirers, ISO 9001 reduces operational risk and increases predictability. If you were acquiring a service provider to bid on enterprise or government projects, the ISO‑certified operation is the only rational choice. It is not branding; it is valuation.

SOC 2 Type II as the Trust Layer

SOC 2 Type II extends that discipline into security, availability, confidentiality, and processing integrity. It proves that controls do not merely exist; they operate consistently over time.

For organizations handling sensitive data or pursuing enterprise contracts, SOC 2 Type II is the trust layer procurement teams expect, and auditors verify.

Systems That Enforce the Discipline

Governance requires structure, and structure requires systems.

Through AmGood Design, I build the operational tools — CRUD applications, policy portals, evidence‑capture systems, intake flows, and data‑driven surfaces — that enforce the discipline defined through JimComer.net.

Governance and systems are not separate offerings; they are two halves of the same operational layer. JimComer.net establishes the controls, and AmGood Design builds the authored systems that make those controls real, repeatable, and audit‑ready. Together, they form a complete, operator‑grade environment that withstands scrutiny.

AmGood Design logo for link
Areas of Engagement and Contact Details

 ISO 9001 readiness and operational maturity frameworks

 SOC 2 Type II readiness and evidence pathways

 775.302.3063

 775.895.0024

  or start a conversation below

Start a Conversation

Jim Comer image