Cybersecurity Compliance Management Software

Totem™ Cybersecurity Compliance Management Software is a solution designed to assist small businesses and their Managed Service Providers (MSPs) in effectively managing their cybersecurity compliance. According to the vendor, Totem™ aims to streamline the process of establishing and maintaining a compliant cybersecurity program, focusing on regulations such as DFARS, NIST, CMMC, HIPAA, and ISO 27001. This software is intended for information security analysts, network administrators, directors of technology, managed service providers, and DoD prime contractors in small business settings.

Key Features

Save Time with Easy to Navigate Workflows: According to the vendor, Totem™ offers 3 user-friendly workflows to expedite the planning, establishment, and management of a compliant cybersecurity program. These workflows simplify the audit or certification process by conducting a cybersecurity assessment, building and maintaining the organization's System Security Plan (SSP), and developing and executing a Plan of Action and Milestones (POA&M).

Multiple Cybersecurity Frameworks: Totem™ includes multiple cybersecurity frameworks such as CMMC (L1, L2, & L3), NIST 800-171, ISO 27001:2022, HIPAA, and GDPR / CCPA. The vendor states that this feature allows users to select the framework that aligns with their compliance requirements.

Supplemental Guidance Sources: Totem™ provides clickable "info buttons" for each control, offering access to information from various supplemental sources. These sources include NIST 800-171 "Discussion," CMMC "Further Discussion," CMMC "Examples," Totem Technologies "Layman's Terms" interpretive questions, CMMC "Key References," CMMC "Potential Assessment Considerations," MEP NIST Handbook 162 Assessment Questions, and NIST/CMMC "Potential Assessment Methods And Objects." The vendor claims that this feature provides additional guidance and explanations for each control.

Additional Templates: Totem™ offers additional templates for supporting documents and plans, which come pre-loaded with examples. The vendor states that users can customize these templates to suit their organization's needs. The templates include Acceptable Use Policy, CUI and System Inventory, Incident Report, Risk Assessment, and more.

Interactive Dashboard: Totem™ features an interactive dashboard that tracks progress in NIST 800-171 and CMMC controls. The dashboard provides a summary of control compliance, tracks the progress of the System Security Plan, displays the number of noncompliant and incomplete controls by family, and shows upcoming Plan of Action and Milestones (POA&M) items. According to the vendor, this allows users to easily monitor their organization's cybersecurity compliance.

SaaS Security: Totem™ Cybersecurity Compliance Management Software is a highly secure cloud-based Software-as-a-Service (SaaS) solution. The vendor states that the software adheres to the standards outlined in the "SANS Securing Web Applications Technologies (SWAT) Checklist" and implements the OWASP Secure Coding Practices to ensure software security. It is accessible through any web browser, providing convenience and accessibility for users.