Implementing cybersecurity controls is difficult. Wouldn’t it be great to show off all that hard work to your clients and prospects? That’s where the CompTIA Security Trustmark+ comes in.
In this article we will learn:
- What the CompTIA Security Trustmark+ is
- How it can benefit your organization
- How to earn the CompTIA Security Trustmark+
So let’s get to it.
What is the CompTIA Security Trustmark+?
The CompTIA Security Trustmark+ is a prestigious accreditation that cybersecurity-conscious organizations can earn to prove that they follow cybersecurity best practices. It includes 100 security controls, some of which are designated as “optional”. All controls must be backed up with documentation.
According to CompTIA’s website: “The CompTIA Security Trustmark+ is based on the NIST Cybersecurity Framework and provides a cost-effective path for demonstrating compliance with key industry regulations such as PCI-DSS, SSAE-16, HIPAA, and others reliant on the NIST Framework. ISO, the International Organization for Standards, also currently maps into the NIST Cybersecurity Framework and is reflected in elements of the CompTIA Security Trustmark+.”
In case you were curious, the Security Trustmark+ isn’t the only accreditation available from CompTIA. They offer a Managed Services Trustmark, a Managed Print Trustmark, and a UK IT Business Trustmark for our mates across the pond.
The Security Trustmark+ Provides Strategic Value
According to John Guttridge, President of Black Box Computer Consulting: “A prospective client (an investment advisory firm) asked, ‘How do we know that we can trust your company to protect our data?’ I showed them the criteria for the Trustmark we achieved, and they signed the contract.”
How do you earn the Security Trustmark+?
We cannot dive into the specific details of how to implement all 100 controls, as they would be tailored to your business needs. However, the steps below offer a general outline.
- Pay a $2,000 application fee to CompTIA, OR pay $350 to become a CompTIA Premier Member and gain access to a wide range of benefits, including discounts on CompTIA certs for your employees (more on the benefits here), while receiving a $250 discount on the application fee, bringing it down to $1,750.
- Review the list of 100 controls (available in the “My Account” area after having paid and created your account)
- Start putting together the 14 required policy documents (IT Security Policy & Procedures, Business Impact Analysis, Risk Assessment, Incident Response Plan, Business Continuity Plan, Disaster Recovery Plan, Hardware Inventory Plan, Network Diagram, Service Provider List, Data Classification Policy, Job Descriptions, Regulatory Compliance requirements, User Training History, and Communication Protection policy). We can provide some of these to you; feel free to reach out.
- Complete the online assessment control questions (provided in an Excel sheet)
- Submit assessment control answers and required documents via the portal.
- Complete a virtual audit conducted by a 3rd party assigned to you by CompTIA.
Ensuring that the 100 controls associated with the Security Trustmark+ have been properly implemented and documented is no easy task. If you do not have a mature IT program and have limited IT staff, you will likely need the expertise of a security consultant to earn this prestigious credential. Our staff has experience with the accreditation process and can guide your organization in earning this certification while saving you valuable man-hours. We can create and compile all of the documentation required to earn the accreditation and complete the control questionnaire on your behalf. Providing detailed documentation and detailed answers for the 100 controls is critical for earning the accreditation and proving to your clients that you can protect their data.
Earning the CompTIA Security Trustmark+ is not that easy; however, it is a low-cost method of providing validation to your clients and prospects that your organization is capable of securing client data. If you have any questions about this prestigious credential, reach out to us via email at firstname.lastname@example.org.
More details on the CompTIA Security Trustmark+ are available here: https://desiredoutcomesllc.com/wp-content/uploads/2019/07/qsg_earningyoursecuritytrustmark-.pdf