Cyber Essentials Standard
Guided Cyber Essentials Readiness and Compliance
Performs The Self-Assessment Required for Cyber Essentials Certification
Gets You Ready For A “Painless” Third-Party Cyber Essentials Plus Audit
Makes Certification Renewal A Snap
Compliance Manager GRC allows you to use all of your current IT security tools, software and systems to meet the requirements of The Cyber Essentials framework . . . while you maintain compliance with all your other IT requirements, regardless of source. The built-in Standard Management Template allows you to quickly determine if you can “check the boxes” for every requirement, identifies the gaps, and automatically prepares all of the documents you need to comply with the standard. This gives the organization owner or board the confidence to attest to the responses in your certification form.
Here are a few of the value-added features you get:
- Rapid Baseline Assessments – Quickly identify gaps required for certification
- Technical Risk Assessments – Full risk assessment that meets the NYDSF requirements
- Auditor’s Checklist – Easy access for NYDFS auditors to quickly satisfy their reporting requirements
- Employee Awareness Training Portal – Tracking and reporting required by the NYDFS
- Policies & Procedures Manual – Required documentation of everything you need to do;
- Vendor Risk Management Portal – Required for Third Party Service Provider tracking and documentation
- Automated Documentation & Storage – Meets the NYDFS Audit Trail requirements for security purposes.
- VulScan Integration – Satisfies the need for regular scanning and eliminating need for Pen Testing
What’s covered by Cyber Essentials and Cyber Essentials Plus
- can accept incoming network connections from untrusted Internet-connected hosts; or
- can establish user-initiated outbound connections to devices via the Internet; or
- control the flow of data between any of the above devices and the Internet.
A scope that does not include end-user devices is not acceptable. In addition to mobile or remote devices owned by the organisation, user-owned devices which access organisational data or services (as defined above) are in scope. The default approach is that all corporate or BYOD home working devices used for applicant business purposes within the home location are in scope for Cyber Essentials.
Whether complying with Cyber Essentials, tracking terms of your cyber risk insurance policy, or making sure your own IT policies and procedures are being followed, Compliance Manager GRC helps you Get IT All Done at the same time, and in the same place. No other Compliance Management software gives you this kind of flexibility.
Assuring Cyber Essentials compliance – and all your other IT requirements – is easy with Compliance Manager GRC. You get more work done with less labor, thanks to automated data collection, automated management plans, and automated document generation.
Compliance Manager GRC is affordable, yet boasts the power and functionality most often found in expensive, enterprise-class governance, risk and compliance platforms. Whether you are managing compliance for your own organization, or are an MSP delivering compliance-as-a-service, there’s a sensible subscription for you.