Policies & Procedures Bundle - NIST CSF 2.0

Cybersecurity & Data Protection Program (CDPP) Bundle #1A -  NIST CSF 2.0   (20% discount)

This is a bundle that includes the following two (2) ComplianceForge products that are focused on operationalizing the NIST Cybersecurity Framework (NIST CSF):

1. Cybersecurity & Data Protection Program (CDPP) - NIST CSF
2. Cybersecurity Standardized Operating Procedures (CSOP)

Product Walkthrough Videos

These short product walkthrough videos are designed to give a brief overview about what the CDPP Bundle #1A is to help answer common questions we receive.

Why Are These Products Part of The Bundle?

This bundle is designed for organizations that need a cost-effective and timely solution to obtain NIST CSF 2.0-based cybersecurity policies, standards and procedures that map to the low, moderate and privacy baselines. This is a combination of our Cybersecurity & Data Protection Program's (CDPP) cybersecurity policies and standards, along with the Cybersecurity Standard Operating Procedures' (CSOP) procedures. The end result is a comprehensive, customizable, easily implemented set of documentation that your company needs to establish a cybersecurity program. Being Microsoft Word documents, you have the ability to make edits, as needed. 

Please note that if you want a customized bundle, we are happy to create one for you. Just contact us with your needs and we will generate a quote for you.

Cost Savings Estimate - CDPP Bundle #1A  

When you look at the costs associated with either (1) hiring an external consultant to write cybersecurity documentation for you or (2) tasking your internal staff to write it, the cost comparisons paint a clear picture that buying from ComplianceForge is the logical option. Compared to hiring a consultant, you can save months of wait time and tens of thousands of dollars. Whereas, compared to writing your own documentation, you can potentially save hundreds of work hours and the associated cost of lost productivity. Purchasing this bundle from ComplianceForge offers these fundamental advantages when compared to the other options for obtaining quality cybersecurity documentation:

• For your internal staff to generate comparable documentation, it would take them an estimated 1,000 internal staff work hours, which equates to a cost of approximately $85,000 staff-related expenses. This is about 12-24 months of development time where your staff would be diverted from other work.
• If you hire a consultant to generate this documentation, it would take them an estimated 700 contractor work hours, which equates to a cost of approximately $210,000. This is about 9-18 months of development time for a contractor to provide you with the deliverable.
• This bundle is approximately 3% of the cost for a consultant or 7% of the cost of your internal staff to generate equivalent documentation.
• We process most orders the same business day so you can potentially start working with the documentation the same day you place your order.

Products Included in CDPP Bundle #1A (NIST CSF 2.0-based policies, standards & procedures) 

Cybersecurity & Data Protection Program (CDPP) - NIST CSF NIST CSF-based cybersecurity policies & standards in an editable Microsoft Word format. The CDPP addresses the “why?” and “what?” questions in an audit, since policies and standards form the foundation for your cybersecurity program. Under each of the policies are standards that support those policy statements. CDPP contains many useful supplemental documentation templates: Business Impact Analysis (BIA) template Data classification & handling guidelines Data retention guidelines Rules of behavior (acceptable use) Bring Your Own Device (BYOD) usage guidelines Risk management guidelines System hardening guidelines and more templates

Cybersecurity Standardized Operating Procedures Template (CSOP) - NIST CSF The CDPP version of the CSOP is a template for procedures that map to the policies and standards in the CDPP. This is an expectation that companies have to demonstrate HOW cybersecurity controls are actually implemented.  This is an editable Microsoft Word document. Given the difficult nature of writing templated procedure statements, we aimed for approximately a "80% solution" since it is impossible write a 100% complete cookie cutter procedure statement that can be equally applied across multiple organizations. What this means is ComplianceForge did the heavy lifting and you just need to fine-tune the procedure with the specifics that only you would know to make it applicable to your organization. It is pretty much filling in the blanks and following the helpful guidance that we provide to identify the who/what/when/where/why/how to make it complete. The CSOP is mapped to leading frameworks to help with mapping compliance requirements.

Optional Professional Services (Add On)

ComplianceForge offers optional professional services to customize purchased documentation. Professional services are not required to customize ComplianceForge documentation. However, some clients want our subject matter expertise to help customize their documentation to meet their specific business needs. If you have any questions about our professional services, please contact us at: www.complianceforge.com/contact-us/.

We offer our professional services in bundles of: five (5), ten (10) & twenty (20) hours.

Purchased professional service hours will expire after 120 days (4 months) from the time of purchase before they expire.