Cyber Insurance Assessments –This overview identifies the risk areas and security gaps each municipality faces. A cyber insurance risk assessment considers not just technology but also organization protocols and daily employee procedures that may create a security risk. Using the insurance carrier and/or Fund minimum information security requirements, Cyber Risk Consultant will assess all Fund municipalities. Gap Analysis & Risk Treatment Plan – A gap analysis is a process that compares actual performance or results with what was expected or desired. The method identifies suboptimal or missing strategies, structures, capabilities, processes, practices, technologies, or skills and then recommends steps to help the company meet its goals. Cyber Risk Consultant will provide each municipality with a written report of compliance with the insurance carrier and/or Fund minimum information security requirements, and industry best practices for similarly sized municipalities, and a remediation plan for all shortcomings. The remediation plan will include the minimum standard of performance and several options on resolving each issue, along with more comprehensive recommendations . Consolidated Insurance Application Reporting – Cyber Risk Consultant will consolidate all assessment data and risk treatment plans by municipality into a single report, which can be shared with the insurance provider as proof of compliance.
