Written Information Security Program Wisp Template

Including laptops and portable devices that contain personal information.

Written information security program wisp template. Written information security plan 2 p a g e. Healthcare entities subject to hipaa have long since become accustomed to not merely developing their own. The written information security program wisp is updated as needed and at least annually by the director of information security section 3. This version of the written information security program wisp is based on the nist 800 53 rev4 framework. The iso version of the written information security program wisp is a comprehensive set of it security policies and standards that is based on theiso 27002 2013 framework and it can help your organization become iso 27002 compliant.

Identification of paper electronic and other records computing systems and storage media. It contains cybersecurity policies and standards that align with nist 800 53 including nist 800 171 requirements. A wisp or written information security program is the document by which an entity spells out the administrative technical and physical safeguards by which it protects the privacy of the personally identifiable information it stores. This iso based wisp is a comprehensive customizable easily implemented microsoft word document that contains the iso 27002 based policies control objectives. The term wisp refers to wpi s written information security plan.

We would like to show you a description here but the site won t allow us. 17 00 et seq the massachusetts regulations that went into effect in 2010 require every company that owns or licenses personal information about massachusetts residents to develop implement and maintain a wisp. The massachusetts data security regulations 201 c m r. Umass written information security program wisp 2 umass written information security program wisp may 2017 table of contents section description page 1 0 approvals and signatures 3 2 0 the umass security program goals and objectives 4 3 0 the university security policy doc t10 089 5. A wisp is a written information security program.

A wisp is a roadmap for an organization s it security and is legally required by several states. Massachusetts written information security program wisp a written information security program wisp is a document that details an organization s security controls processes and policies.