The Essential WISP and Your Association

Data privacy rules continue to expand, and even if you are well informed on GDPR, you may not know why you need to know about the WISP. A Written Information Security Program (WISP) is a set of documents that details an organization’s security controls, processes as well as policies. In many states in North America, a WISP is a legally required document, to show the organization’s IT security and data protection status. It takes into account the policies and processes that should be in place to ensure that any organization, which processes, controls, manages, licenses and/or retain personal information about citizens, and has implemented the required level of data protection and cyber security. If these do not currently exist, a WISP can help identify the gaps in any security plan. Join host KiKi L'Italien as she interviews David Clarke, Chief Technology Officer, The Trust Bridge, and Malcolm Dowden, Partner, Data Privacy, Cybersecurity and Digital Assets, Squire Patton Boggs, to discuss this important issue. As data breaches and cyber security attacks increase, having the correct WISP documentation in place can demonstrate to clients and suppliers, customers and members, as well as the regulatory authorities and employees that your organization takes Data Protection and Cyber Security seriously, and has implemented the necessary safeguards.