Massachusetts WISP Generator — Boston Managed IT

Your Business

Tell us about your company so we can tailor the WISP to your situation.

Company name *

Industry

Approximate employee count

1–10 11–50 51–200 200+

Who is responsible for information security?

e.g. "Jane Smith, Office Manager" or "Outsourced to Boston Managed IT"

Do you have a current WISP?

Yes No Not sure

Data You Handle

Identify the personal information your business collects, stores, or processes.

What types of personal information do you collect or store?

Social Security numbers Driver's license numbers Financial account numbers Credit / debit card numbers Health / medical information Employee records

Where is this data stored?

Cloud applications Local servers Employee devices Paper files Third-party vendors

Do employees access personal information remotely?

Yes No

Current Safeguards

Check every security control your organization currently has in place.

Policies & People

How does your organization handle security policies and employee accountability?

Do you have a process for revoking access when employees leave?

Yes — documented process Informally (no written policy) No

Do employees receive security awareness training?

Yes — at least annually Once at hire only No training provided

Are there documented disciplinary measures for security policy violations?

Yes — written policy Informal / case-by-case No

Do you review third-party vendors for security compliance?

Yes — all vendors reviewed Some vendors only No vendor reviews

Incident Response

How prepared is your organization to respond to a data breach or security incident?

Do you have a documented incident response plan?

Yes No

Do you know who to notify in Massachusetts in the event of a breach?

Yes No

MA requires notification to the AG, affected residents, and consumer reporting agencies.

Does your organization carry cyber liability insurance?

Yes No Not sure

Your WISP Gap Analysis

Based on your answers, here is your security posture relative to Massachusetts 201 CMR 17.00.

—

In Place

—

Needs Attention

—

Missing

Want help closing these gaps? Talk to our team →

Download Your Custom WISP

Enter your details to generate a personalized .docx WISP document pre-filled with your company information.

Your Business

Data You Handle

Current Safeguards

Policies & People

Incident Response

Your WISP Gap Analysis

Download Your Custom WISP

Just need a starting point?