Written Information Security Program (WISP) Bundle #1A - NIST Cybersecurity Framework (20% discount)
Why Are These Products Part of The Bundle?
This bundle is designed for organizations that need a cost-effective and timely solution to obtain NIST Cybersecurity Framework (NIST CSF)-based cybersecurity policies, standards and procedures that map to the low, moderate and privacy baselines. This is a combination of our Written Information Security Program's (WISP) cybersecurity policies and standards, along with the Cybersecurity Standard Operating Procedures' (CSOP) procedures. The end result is a comprehensive, customizable, easily implemented set of documentation that your company needs to establish a cybersecurity program. Being Microsoft Word documents, you have the ability to make edits, as needed.
Please note that if you want a customized bundle, we are happy to create one for you. Just contact us with your needs and we will generate a quote for you.
Products Included in WISP Bundle #1A (NIST Cybersecurity Framework-based policies, standards & procedures)
Written Information Security Program (WISP) - NIST CSF
NIST Cybersecurity Framework-based cybersecurity policies & standards in an editable Microsoft Word format.
- The WISP addresses the “why?” and “what?” questions in an audit, since policies and standards form the foundation for your cybersecurity program.
- Under each of the policies are standards that support those policy statements.
- WISP contains many useful supplemental documentation templates:
- Business Impact Analysis (BIA) template
- Data classification & handling guidelines
- Data retention guidelines
- Rules of behavior (acceptable use)
- Bring Your Own Device (BYOD) usage guidelines
- Risk management guidelines
- System hardening guidelines
- and more templates
Cybersecurity Standardized Operating Procedures Template (CSOP) - NIST CSF
The WISP version of the CSOP is a template for procedures that map to the policies and standards in the WISP. This is an expectation that companies have to demonstrate HOW cybersecurity controls are actually implemented.
- This is an editable Microsoft Word document.
- Given the difficult nature of writing templated procedure statements, we aimed for approximately a "80% solution" since it is impossible write a 100% complete cookie cutter procedure statement that can be equally applied across multiple organizations. What this means is ComplianceForge did the heavy lifting and you just need to fine-tune the procedure with the specifics that only you would know to make it applicable to your organization. It is pretty much filling in the blanks and following the helpful guidance that we provide to identify the who/what/when/where/why/how to make it complete.
- The CSOP is mapped to leading frameworks to help with mapping compliance requirements.