Professionally-Written, Editable & Easily-Implemented NIST 800-61 Based Incident Response Program
Most companies have requirements to document its incident response processes, but they lack the knowledge and experience to undertake such documentation efforts. That means businesses are faced to either outsource the work to expensive consultants or they ignore the requirement and hope they do not get in trouble for being non-compliant with a compliance requirement. In either situation, it is not a good place to be. The good news is that ComplianceForge.com developed a viable incident response program that is based on NIST 800-61 guidance, which is the "gold standard" for incident response frameworks. This document is capable of scaling for any sized company.
CIRP Cost Savings
From surveying cybersecurity professionals, we created the following chart to provide a comparison of options for companies needing a documented cybersecurity risk management program. As you can see, when you factor in internal staff time to perform reviews and refinements with key stakeholders, purchasing a CIRP from ComplianceForge is approximately 9% ($13,500+ savings) of the cost as compared to writing your own documentation and 4% ($34,500+ savings) of the cost as compared to hiring a consultant to write it for you!
What do you need to provide when you order the Cybersecurity Incident Response Program (CIRP)?
It is common in policies and other documentation to initial reference the official name of the organization (e.g., full legal name of the company) and the trade / DBA name that is used to commonly refer to the organization. This is usually written in this format: Official (Common). The reason for this is this covers calling out the legal entity the policy is written for, but then references the common name, by which the company will be referred to through the rest of the document. It makes documents much easier to read.
Examples of "official" and "common" business names are: