These reports show where you are in achieving compliance with the guidelines provided by your selected Cyber Insurance carriers. In addition, these documents identify and prioritize issues that must be remediated to address related security vulnerabilities through ongoing managed services.
The Cyber Risk Analysis Report aggregates risk analysis from multiple assessments performed on the network, providing you with both a Cyber Risk Score and a high-level overview of the health and security of the network. This includes a summary of individual issues, as well as their severity and weighting within the risk analysis. At the end of the report, you can find a summary of the assets discovered on the network, in addition to other useful information organized by assessment type.
The Management Plan ranks individual issues based upon their potential risk to the network while providing guidance on which issues to address by priority. Fixing issues with lower Risk Scores will not lower the Overall Risk Score, but will reduce the global Issue Score. To mitigate global risk and improve the health of the network, address issues with higher Risk Scores first.
A more compact version of the External Vulnerability Scan Detail report that is organized by issues. Devices that are affected are listed within an issue type. This report is useful for technicians that are looking to resolve specific issues identified within the environment, rather than performing remediation on a particular system.
This report provides comprehensive documentation of the current configuration and use of the network. The report shows assets in high-level views, allowing you to easily get an overall assessment of the entire network. Discovered issues are highlighted, making it easy to spot individual problems
The report is used present the details associated with security exceptions and how Compensating Controls will be or have been implemented to enable compliance. Here you can document any false positives. You can also indicate if you have taken measures to reduce or avoid any issues identified in the assessment that might not otherwise appear in your assessment documentation. The benefit of this feature is that it adds back in the human element into the assessment and allows for explanation of special circumstances and specific environment requirements.
With Audit Guru, you can perform insurance assessments based on specific criteria from several different insurance carriers. Depending on the carriers you select, you will be prompted to answer various questions about your overall site and network security. This helps you know exactly how best you can improve your overall security, as well as document your compliance with the security provisions outlined by your insurance carrier. You will receive a Response Verification Report for each insurance carrier you select during the assessment. This documents your responses to the carrier-specific questions.
These documents show the detailed information and raw data that backs up the compliance reports. These documents include the various interviews and worksheets, as well as detailed data collections on network assets, shares, login analysis, etc.
The Cyber Liability Questionnaire is used to gather information about your organization’s IT Security Policies and Procedures and ongoing sensitive data protection practices. The questions in this document are based on the specific insurance carriers you select during the assessment process.
The User Access Review Worksheet enables you to identify each user and to document their status: Employee, Third Party, Former Employee, Former Third Party, Service Account. You can also indicate whether each user has Remote Access. This is important for understanding which users have access to the network — and especially which users have access to sensitive information.
Understanding where you have sensitive data (ePHI, Cardholder Data, and PII) is an important component of data protection security. A comprehensive scan should be performed annually to help identify and document all potential locations for sensitive data. Complete the worksheet to identify systems to run the automated sensitive data file scan o
This worksheet details each instance of sensitive data discovered on the network. It displays the PC name, IP address, and file path where sensitive data was detected. You can verify whether the information is valid or a false positive.
Audit Guru will automatically detect any anti-virus software installed on PCs on the target network. The Anti-virus Verification Worksheet details whether each endpoint on the network has anti-virus software installed. It also displays the type of anti-virus software.
Understanding where you have ePHI Data is an important component of HIPAA compliance. The Personal Data Scan System Selection Worksheet allows you to specify which systems are scanned for ePHI during the assessment process. A comprehensive scan should be performed annually to help identify and document all potential locations for personal data as defined by HIPAA.
No Risk Purchasing
With our 30-day, 100% satisfaction guarantee there’s absolutely no risk to you. You have everything to gain and nothing to lose.