OGDEN, Utah, Sept. 17, 2018 /PRNewswire/ -- Haight Bey & Associates is excited and proud to announce the release of Totem™ 2.0, a small-business IT security plan and assessment management tool that ensures your organization is at low risk for cybersecurity compromise. Totem is built upon the US National Institute of Standards and Technology 800-171 standard for the Protection of Controlled Unclassified Information.
With the release of 2.0, Totem™ now supports US Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) security and privacy rule assessments for small covered entities, as well as European General Data Protection Regulation (GDPR) assessments. To support these regulations, Haight Bey has added a Privacy control family to the tool, consisting of ten (10) individual privacy-related controls. Assessing an organization against this family, in conjunction with the 14 security-related control families, will help ensure the organization is compliant with the regulations and has a robust System Security Plan (SSP) in place to appropriately protect PII and PHI.
Totem™ scales in two dimensions: the number of users of the tool, and the number of systems whose information the tool contains. An unlimited number of users is allowed for GRC activities of any given system. If an organization wishes to add systems to the tool's purview, for instance in a subcontractor relationship where a prime contractor needs insight into the cybersecurity posture of its supply chain, additional systems can be modularly added to the tool for a small additional annual cost each.
"Originally we built Totem™ for us, because we needed a low-cost tool to replace the dozens of spreadsheets that constituted our System Security Plan, as well as a repository for undocumented institutional knowledge of our IT system," said Adam Austin, Haight Bey's cybersecurity lead. "We realize how valuable Totem™ is to the community as a low-cost GRC tool, so we proudly offer it to our peers."
SOURCE Haight Bey & Associates LLC