MSP Standards, Best Practices, and Frameworks. Oh My!

With myITemplates, instead of having to manually add standards, MSPs can select standards templates from the standards library in our myITprocess software. In one of our recent member meetings, we mentioned a large list of templates available in myITprocess by the end of 2020 through the myITemplates repository. The list helps fill gaps in several industries that lack or are under-represented. This list is below.

Statutory, Regulatory, Contractual, and Best Practices Frameworks

• US NY Department of Financial Services 23 NYCRR 500
• US NIST Privacy Framework v1.0
• US NY SHIELD Act
• US NERC CIP-002 through CIP-014 Revision 6
• US NIST 800-171 rev 2
• US California Consumer Privacy Act (CCPA)
• US IRS Publication 4557 – Safeguarding Taxpayer Data
• US Gramm-Leach-Bliley Act (GLBA)
• US Federal Financial Institutions Examination Council (FFIEC)
• US Criminal Justice Information Services (CJIS) v5.8
• Health Industry Cybersecurity Practices for Small/Medium/Large Health Care Organizations
• EU GDPR
• UK Cyber Essentials v2.0

TruMethods Original Templates

• Default Template May 2020
• MSP Cybersecurity Fast-track
• MSP Cybersecurity Overdrive

A majority of the new compliance templates use mappings from the Secure Controls Framework. This free tool supports mapping frameworks and regulations to each other to cut down repeated work. For instance, a customer that must follow the NY SHIELD Act may already be compliant if following other regulatory requirements (e.g., HIPAA, 23 NYCRR 500).

For anyone who missed the MSP Cybersecurity Jumpstart template, you can read more about it at this link. The Fast-track and Overdrive templates refer to the Health Industry Cybersecurity Practices for Small/Medium/Large Health Care Organizations, respectively. It is a continuation of securing and creating a cybersecurity program for your MSP. Default Template May 2020 is the latest update to the pre-packaged standards with myITprocess. Currently, new members receive these by default, but now anyone can access them from myITemplates.

Benefits of the latest Default Template:

• Shortened to 150 questions to meet our recommended maximum of standards per client.
• Reconfigures the sections to be more relevant in a current and post-COVID environment.
• Concentrates less on the basics like hardware and software and more on security, data backup, and business continuity.
• Merged multiple questions using the AND operator; some items are dependent on alignment.

You can find these additional templates in myITemplates by the end of the year!