Level 1 Checklist

When a client reaches out to us, the checklist below is where we start for all organizations. Based on the response to the first two questions, we'll go deeper into the types of data that are stored, which almost always include PII in the form of name, email and phone number for CRM purposes. The second question also facilitates a conversation around the technical systems that need to be secured.

Almost every company we work with is different based on their region, industry, subsector, and the services they provide. Regardless of this diversity, we've crafted template policies and procedures that you can use as a starting point for your compliance journey. However, if you choose to use these templates without any consulting agreement with us, they come without any type of warranty per our license.

  • Identify regulations that apply to your industry and subsector
  • Identify all information flow to determine the technical systems that need to be secured
  • Enable MFA for all technical systems
  • Identify region/industry-specific employee management regulations and define informal onboarding and offboarding procedures to increase process consistency and regulatory compliance
  • Identify and link to guides concerning accounting procedures to follow based on your region/industry
  • Define and test informal system backup and recovery procedures
  • If you have a website, add a privacy policy indicating how you can/will use your clients' data

This entire process typically takes one or two days of effort spread over the course of a week, and the outcome is a significantly more secure company that is protecting not only its employee and client interests, but also its own.