Months to Minutes compliance savings using The ComplianceAide.
Introduction.
From Months to Minutes: From the minute you get access to the platform, without answering a single question, you can print a set of work instructions per function that explains what you need to do to answer the requirement being asked.
This is a time saving of around 480 hours, which translates to £46,368 for a company of up to 200 employees (see later explanations).
This alone means that The ComplianceAide has paid for itself and gives an immediate return on investment.
Standard Compliance Plan: When undertaking a compliance project, there is a set of actions that need to be undertaken regardless of the regulation that you are applying to be accredited in.
Time to Compliance: The duration of implementation covers two initial mandatory phases, the Plan and Do phases (risk assessment and security control implementation), and depends primarily on the size of the organization:
Companies of up to:
· 20 employees – up to 3 months
· 20 to 50 employees – 3 to 5 months
· 50 to 200 employees – 5 to 8 months, average 6 months
· More than 200 employees – 8 to 20 months, average 14 months
These times are valid if you use a consultant to help you with the implementation; if you’re trying to do this by yourself without any help, it will take you much longer.
Roles & Effort to implement Standard:
Role | 1-200 Employees (6 months) | 201-500 Employees (10 months) |
Project Manager | 1 day a week | 50% of time = 2 days per week |
Security Manager | N/A (Covered by project manager) | 50% of time = 2 days per week |
Project Team | Not Required | Heads of Departments |
Department Heads | 7 hours per each department head per week throughout the project life | 15 hours per each department head per week throughout the project life |
Senior Management | 5 hours total | 10 hours total |
Heads of Department include, but are not limited to: Head of IT department, head of legal, head of HR, head of marketing, head of sales, head of operations, etc. The average cost of this project team is £390,000, based on a salary of £65,000 per head per year.
Project Manager & Security Manager: £120,000, again £65,000 each per year.
Senior Management: £100,000 per year.
Effort needed for the maintenance of the ISMS: It is worth mentioning that the work on compliance doesn't stop with the Plan and Do phases. The Information Security Management System (ISMS) that you create needs to be maintained (and improved), meaning that the work on information security is not a one-off, but continuous. However, the effort for maintaining the system is not as great as in the initial implementation; it will probably be at 25% of the effort that was needed for the Plan and Do phases.
Price comparison saving using The ComplianceAide.
1. 200 Employees.
2. 201-500 Employees.
Regardless of the size of the company, this assumes it takes the project manager 1 day to print out and distribute the work instructions, as described in the introduction.
Conclusion:
In conclusion, The ComplianceAide significantly saves both time and money. The above example is based on the NIST CSF framework. However, the more detailed and complex the framework you are trying to comply with in order to get qualified, the greater the time savings will be.