Time for a Better IT Services Company?

Call (347) 460_-2238

Written Information Security Plan (WISP) Service & Audits

May 11, 2018 Published by Rajesh Goel

Why you need to consider a WISP


The Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) has listed cybersecurity as a key focus area in its 2015 risk-based assessments.

The addition of cybersecurity as a 2015 OCIE priority comes on the heels of the April 2014 release of sample cybersecurity questions OCIE stated it may use in conducting examinations of registered entities regarding cybersecurity matters. On February 3, 2015, OCIE then released summary findings from its Cybersecurity Examination Sweep. Brainlink’s team is assisting clients in creating Written Information Security Policies (WISP) and conducting WISP Audits of existing policies.

Anyone or company that has access to client or employee information needs to ensure they implement the appropriate level of administrative and technical safeguards. Additionally, anyone or anything with access to your confidential information needs to have preventative measures in place for protecting confidential data.

What is a WISP

A Brainlink created Written Information Security Policy (WISP) details the policies and procedures for ensuring confidential data is protected, how it’s being protected and who is ensuring it’s protected.

It includes Administrative and Technical Safeguards. Administrative Safeguards:

  •  Defines confidential data
  • How confidential data is protected
  • Where confidential data is located (i.e., shared drive, externally hosted, hard copy format, etc.)
  • Who has access to confidential data and do they have a business need
  • Roles and responsibilities for responding to a data breach or cyber security incident
  • Internal and external communication procedures for responding to an incident
  • Employee responsibilities and training Technical Safeguards:
  • Assessment of technical safeguards (i.e., penetration testing, encryption, software patches, etc.)
  • Evaluation of technical safeguards (i.e., Brainlink’s Security Benchmark Report)
  • If needed, implementation of additional technical safeguards


Reach out to Brainlink at (917) 685-7731 or raj@brainlink.com today to schedule your security assessment.

Have Questions About Your IT Or Cyber Security?

Brainlink Improves Client Business Using SOPs and RUNBOOKS

A key principle at Brainlink is that we are NOT the owners of our clients’ information – we are the custodian.

As a result, we have invested extensive resources in building Client Runbooks.

Find Out More Reach Out to Brainlink Below

Side Corner
Web Analytics