Written Information Security Program (WISP) Bundle #2 - 20% discount
Products Included in WISP Bundle #2
Risk management made easy! Your choice of WISP (ISO 27002, NIST 800-53 or NIST Cybersecurity Framework) and program-level documentation to manage cybersecurity risks!
Written Information Security Program (WISP)
- ISO 27002, NIST 800-53 or NIST Cybersecurity Framework based cybersecurity policies & standards in an editable Microsoft Word format.
- The WISP addresses the “why?” and “what?” questions in an audit, since policies and standards form the foundation for your cybersecurity program.
- Under each of the policies are standards that support those policy statements.
- Alignment with a cybersecurity framework is a basic expectation of EU GDPR compliance.
Risk Management Program (RMP)
- The RMP addresses the “how?” questions for how your company manages risk.
- This is an editable Microsoft Word document that provides program-level guidance that directly supports the WISP and DSP policies and standards for managing cybersecurity risk.
- In summary, this addresses fundamental needs when it comes to risk management requirements:
  - How risk is defined.
  - Who can accept risk.
  - How risk is calculated by defining potential impact and likelihood.
  - Necessary steps to reduce risk.
  - Risk considerations for vulnerability management.
- The RMP is based on leading frameworks, such as NIST 800-37, NIST 800-39, ISO 31010 and COSO 2013.
Cybersecurity Risk Assessment (CRAT)
- The CRAT supports the RMP product in answering the “how?” questions for how your company manages risk.
- This contains both an editable Microsoft Word document and a Microsoft Excel spreadsheet that allow for professional-quality risk assessments.
- The CRAT directly supports the RMP, as well as the WISP and DSP policies and standards, for managing cybersecurity risk. It does this by enabling your company to produce risk assessment reports.