Steps in the Ransomware Audit & Your Deliverables
1 – Define Scope
How many facilities to be reviewed? Will external vendors be evaluated? Can work be constrained to hospital facilities? Select options and cost.
2 – Agree on Terms
Select audit options and cost. Define team. Agree on interviewees. Set up coordination points-of-contact.
3 – Information Security
Sign non-disclosure, HIPAA, and security agreements. Agree on destruction of records after audit completed.
Barraclough NY LLC
New York, NY 10022
Tel: (212) 758-1296
4 – Onsite Data Collection
Onsite interviews in three domains: (1) IT security group; (2) Legal Affairs; (3) Suppliers (opt).
5 – Scorecard & Draft Report
Present Balanced Scorecard and Draft Report for Discussion. Review findings. Internal review for 10 days.
6 – Final Report and Playbook
Revise and complete final report. Complete Playbook and Present Plan for Simulation. Certificate of Destruction of all Documents.
Playbook & Drill Schedule
Certificate of Document Destruction
Briefing before your group on Ransomware threaat and overview of Assessment. Includes case studies.
Shows your "report card" score for each variable in your security and emergency operations plans.
(1) Background: (2) Threat Analysis; (3) Personalized Scorecard; (4) Analysis; (5) Playbook; (6) Recommended Drill Schedule.
Playbooks are operating procedures to take in case of a Ransomware attack. This includes technical, law enforcement, and legal measures.
Frameable Certificate of Completion for Each Work Group
Notarized statement that Barraclough has destroyed all confidential records of your audit.
DELIVERABLES OF RANSOMWARE AUDIT