Let CleverMinds Help


Massachusetts 201 CMR 17 Auditing & Support

All companies that handle business to consumer transactions will have to have a written information security plan (WISP) in place bay March 1st, 2010. CleverMinds has developed a comprehensive and customizable WISP that is customizable to your particular business situation.

Many business are being falsely led to believe that they can buy a WISP online after answering a couple of quick questions and be in compliance with the new law. The problem is that these companies do not understand your business or your processes, and hundreds or even thousands of dollars will be spent on a meaningless document. The other trap local business are falling into is over compliance, paying for “security plans” that are unnecessary, overly complex ,and slow down you and your business.

In order to properly comply with the new law business will have to analyze their current systems and hardware for compliance, create a written information security plan (WISP) by March 1st, 2010, develop an implementation schedule for meeting compliance, and train their staff on the security procedures and policies outlined in their WISP. CleverMinds has developed several comprehensive and affordable strategies for complying with these new requirements.

The CleverMinds strategy is simple:

1) Audit : Involves a detailed analysis of all of your business technology systems to determine the areas where you are not compliant.

2) Plan: We will create three planning documents:
  • Create a customized WISP for your records in accordance with the law.
  • Create a Compliance Implementation Plan with recommendations on how you can become more secure and full compliant.
  • Process & Procedures on Privacy and Security for your employees written in plain English to make sure that they understand the law and your companies security policy.
  • 3) Implement: We will meet with you to discuss updating your systems and process so that you are in compliance with your WISP and the law.

    4) Monitor: We will conduct regular monitoring and conduct annual reviews of security. We are also there for you need to make a change in your business practices, to ensure that these change are in compliance.

    And in the end, it can save your company money over our competition. We will only give you the solutions that your business needs, and because we are vendor neutral you won’t pay bloated prices for services that you don’t really need.

    CleverMinds can audit and make compliance recommendations to help guide your organization. Please contact Jack Boyle at (617) 894-1282 to schedule an appointment to discuss this new law and how it may affect your firm or organization.

    For More Information:
    View the Text of 201 CMR 17.00

    View the Massachusetts State compliance checklist