Overview
The Cybersecurity Compliance Bundle includes:
- Information Security Risk Assessment
- Information Security Program and Policies
- Business Continuity Plan
- Incident Response Plan
- Annual Information Security Report for the Board of Directors
The Process
- We will complete one document at a time, spreading the work over 12 months. We typically start with the IS Risk Assessment, Information Security Program and Policies, Business Continuity Plan, NCUA and then Annual Information Security Report; however, if you have a different order based on examination findings, we can adjust accordingly.
- ACIO will schedule time to work with you through the initial information collection, including identifying all assets.
- Review your existing policies and plans, and carry the details specific to your institution into the new plan.
- Review all technology controls and document accordingly (Note: Does not include CU*BASE technical controls assessment).
- Propose additional controls where appropriate.
- Assist in development of testing / training plans.
- Draft document presentation and Q&A session.
- Finalize report and prep for board review.
Timeline:
We spread the deliverables out over a 12-month period. We will work with you to set the schedule due dates.
Next Steps:
Order now to set up a time for an introductory call to discuss the Cybersecurity Compliance Bundle in more detail and to answer any questions you have. Following the introductory call, AdvantageCIO will provide a detailed statement of work.