<!DOCTYPE html>
<html>
<head>
<title>HITRUST Standard Requirements</title>
</head>
<body>
<style type="text/css">#aweber_rem {
text-align:center;
font-size:10px;
color:#333;
width:600px !important;
margin:0px auto;
font-family:Verdana, Arial, Helvetica, san-serif;
}
#aweber_rem a {
text-decoration:none;
}
#aweber_rem a:hover {
text-decoration:underline;
}
</style>
<center>
<table cellpadding="0" cellspacing="0" style="font-family:helvetica,verdana,arial,sans-serif; text-align:left; width:600px">
<tbody>
<tr>
<td style="color:#666666; padding-bottom:5px" valign="bottom" width="400">
<div style="font-size:12px; text-align:right"><span style="font-family:verdana"><img align="left" alt="" height="80" src="https://cdn6.bigcommerce.com/s-ilcoov/product_images/the_art_of_service_-_we_get_it_transparent_1_1503604503__72937.png" width="200" /></span></div>
<div style="font-size:12px; text-align:right"><br />
<span style="color:#000000"><span style="font-family:verdana"><span style="font-size:36px"><span style="font-family:verdana"><strong><a href="http://zaale.com/l/J9dyb892892r4VxIWGcw892l7Etw/MklJgSQs5SPlTZW6sJPdfA/NxJhjZigzZtz5JghkDwFmA"><img alt="" height="50" src="https://artofservice.s3.amazonaws.com/Get_started_button._CB531883441_.png" width="400" /></a></strong></span></span></span></span></div>
<div style="font-size:14px; text-align:right">
<div style="font-size:12px; text-align:center">
<hr />
<p><span style="color:#000000"><span style="font-size:24px"><strong>HITRUST<br />
Standard Requirements Toolkit</strong></span></span></p>
</div>
<p style="text-align:center"><span style="color:#000000"><span style="font-size:20px">Crucial Requirements:</span></span></p>
<ul>
<li style="text-align: left;"><span style="color:#000000"><span style="font-size:15px">Industry standards enforce legislation that utilities must meet, and these standards do not come cheaply. Standards require additional resources in the form of employees, hours, and technology, all of which increases the cost of providing reliable electricity to the customer. Therefore, the standards of cyber security that protect the customer are then ultimately paid by the customer. So what are these standards and who sets them?</span></span><br />
</li>
<li style="text-align: left;"><span style="color:#000000"><span style="font-size:15px">Has management conducted a comprehensive evaluation of the entirety of enterprise Risk Management at least once every three years or sooner if a major strategy or management change occurs, a program is added or deleted, changes in economic or political conditions exist, or changes in operations or methods of processing information have occurred?</span></span><br />
</li>
<li style="text-align: left;"><span style="color:#000000"><span style="font-size:15px">Have senior managers been apprised of Risk Management and control deficiencies affecting their units (e.g., circumstances where assets with a specified monetary value are not adequately protected, where the competence of employees is lacking, or where important financial reconciliations are not performed correctly)?</span></span><br />
</li>
<li style="text-align: left;"><span style="color:#000000"><span style="font-size:15px">What collaborative organizations or efforts has your company interacted with or become involved with to improve its cyber security posture (such as NESCO, NESCOR, Fusion centers, Infragard, US-CERT, ICS-CERT, E-ISAC, SANS, HSIN, the Cross-Sector Cyber Security Working Group of the National Sector Partnership, etc.)?</span></span><br />
</li>
<li style="text-align: left;"><span style="color:#000000"><span style="font-size:15px">Resulting risks, and selected countermeasures are the same for all companies. If a large number of companies have documented their experiences in this area, alongside the countermeasures they have selected for the possible risks, do you still do a comprehensive risk analysis to probably arrive at the same result?</span></span><br />
</li>
<li style="text-align: left;"><span style="color:#000000"><span style="font-size:15px">Do you support the certified cyber security professional and cyber-informed operations and engineering professionals with advanced problem-solving tools, communities of practice, canonical knowledge bases, and other performance support tools?</span></span><br />
</li>
<li style="text-align: left;"><span style="color:#000000"><span style="font-size:15px">Does the information security function actively engage with other critical functions, such as it, Human Resources, legal, and the privacy officer, to develop and enforce compliance with information security and privacy policies and practices?</span></span><br />
</li>
<li style="text-align: left;"><span style="color:#000000"><span style="font-size:15px">Does the information infrastructure convert raw data into more meaningful, relevant information to create knowledgeable and wise decisions that assists personnel in carrying out their enterprise Risk Management and other responsibilities?</span></span><br />
</li>
<li style="text-align: left;"><span style="color:#000000"><span style="font-size:15px">When a risk is retired, do you review the history of the risk to record any lessons learned regarding the Risk Management processes used. is the team essentially asking itself: what, if anything, would we have done differently and why?</span></span><br />
</li>
<li style="text-align: left;"><span style="color:#000000"><span style="font-size:15px">Is management periodically considering advise from external parties (e.g., customers, vendors and others doing business with the entity, external auditors, and regulators) on the functioning of an entitys enterprise Risk Management?</span></span><br />
<div style="text-align:left"> </div>
</li>
</ul>
</div>
<div style="text-align:center">
<p style="text-align:left"><span style="color:#000000"><span style="font-family:verdana"><a href="http://zaale.com/l/J9dyb892892r4VxIWGcw892l7Etw/MklJgSQs5SPlTZW6sJPdfA/NxJhjZigzZtz5JghkDwFmA"><img align="right" alt="" height="900" src="https://cdn11.bigcommerce.com/s-ilcoov/images/stencil/1280x1280/products/142102/175577/HITRUST_TKFC__34324.1535353280.jpg?c=2&imbypass=on" style="margin:5px" width="600" /></a> </span></span></p>
<p><span style="color:#000000"><span style="font-family:verdana"><span style="font-size:36px"><span style="font-family:verdana"><strong><a href="http://zaale.com/l/J9dyb892892r4VxIWGcw892l7Etw/MklJgSQs5SPlTZW6sJPdfA/NxJhjZigzZtz5JghkDwFmA"><img alt="" height="50" src="https://artofservice.s3.amazonaws.com/Get_started_button._CB531883441_.png" width="400" /></a></strong></span></span> </span></span></p>
</div>
<hr />
<p style="text-align:center"><span style="color:#000000"><span style="font-family:verdana"><a href="http://zaale.com/l/J9dyb892892r4VxIWGcw892l7Etw/MklJgSQs5SPlTZW6sJPdfA/NxJhjZigzZtz5JghkDwFmA" style="font-size: 16px; font-family: verdana;"><img alt="" height="80" src="https://cdn6.bigcommerce.com/s-ilcoov/product_images/the_art_of_service_-_we_get_it_transparent_1_1503604503__72937.png" width="200" /></a></span></span></p>
<div style="text-align:center">
<div><span style="color:#000000"><span style="font-family:verdana"><span style="font-family:verdana"><span style="color:#000000"><span style="font-size:16px"><strong>To make sure you keep getting these emails, please add service@theartofservice.com to your address book or whitelist us.</strong> </span></span></span><br />
</span></span></div>
<div style="text-align:center"><br />
<span style="color:#000000"><span style="font-family:verdana"><span style="font-family:verdana"><a href="http://zaale.com/l/J9dyb892892r4VxIWGcw892l7Etw/PQ2BXUE2tvBnjzQ0qyBqYg/NxJhjZigzZtz5JghkDwFmA"><img alt="" height="200" src="https://artofservice.s3.amazonaws.com/Toolkit_Subscription.png" width="600" /></a></span><br />
</span></span>
<p><strong>The U.S. Department of Commerce, National Institute of Standards and Technology (NIST) has included</strong> The Art of Service's Cyber Security Self Assessment on their Framework Industry Resources list since The Art of Service's Self Assessment <strong>is deemed qualified, accurate and comprehensive as a Guidance</strong> that Incorporates the Framework: <a href="http://zaale.com/l/J9dyb892892r4VxIWGcw892l7Etw/cADZdsUEyAlwARHAzPKrCA/NxJhjZigzZtz5JghkDwFmA">https://www.nist.gov/cyberframework/industry-resources</a></p>
<span style="color:#000000"><span style="font-family:verdana"> </span></span>
<hr /></div>
<div style="text-align: center;"><br />
<span style="color:#000000"><span style="font-size:14px"><span style="font-size:16px">This message was sent to you because you are registered for this newsletter. We respect your privacy. If you no longer wish to receive emails, safely unsubscribe below.</span></span></span>
<p> </p>
<span style="color:#000000"> </span></div>
</div>
</td>
</tr>
<tr>
<td height="3" style="border-top: 3px double #e4e4e4; text-align: center; font-family: Verdana,Arial; font-size: 12px">
<p> </p>
<p>The Art of Service 22B/302 South Pine Road Brendale, Qld 4500 </p>
<p> </p>
<p><a href="http://zaale.com/unsubscribe/Wy763JeFxE4qMGmhSKRMkAv763BuYMqm5763oGLg5mhclm737S4GXMPll892vRLi9QonSx6n/USYcb2mwW4TN8KykVByKGQ/NxJhjZigzZtz5JghkDwFmA" >Manage Subscription</a> </p>
<p> </p>
</td>
</tr>
</tbody>
</table>
</center>
</body>
</html>
<img src="http://zaale.com/t/NxJhjZigzZtz5JghkDwFmA/J9dyb892892r4VxIWGcw892l7Etw" alt="" style="width:1px;height:1px;"/>