Our Expresso™ software-as-a-service ("SaaS") embodies the NIST seven (7) step process for performing Risk Assessments. Expresso™ builds on the NIST foundation to facilitate performing Risk Assessments by rationalizing the NIST methodology in a manner that makes it accessible to lay persons.
"Before using Expresso and the HIPAA Survival Guide products, I was unfamiliar with the extent of compliance regulations. I feel I received a 'college education' in Regulatory Compliance by watching videos, reading the documentation, and attending monthly webinars that are educational. Webinars provided by 3Lions are outstanding!
Expresso’s documentation was easy to read so that I could report my progress right away. For me, that is worth a lot. Customer service is essential in my book, and 'Expresso Customer Support is excellent!' With the SRA tool, you are on your own, wondering where to start.
Expresso and the HIPAA Survival Guide’s products are a complete deal – the whole package. The alternative comes in bits and pieces of information in various online locations that you must search to find. I was amazed and very pleased to find training documenting and videos, as well as mitigation tools in one place and were easy to use.
If you want to learn, it’s there… the whole package - from Risk Assessment to Risk Mitigation with educational steps along the way. I recommend Expresso and the HIPAA Survival Guide’s Risk Mitigation products to anyone."– Shirleen Sando – Privacy & Security Officer
What QuickBooks Online ("QBO") did for accounting Expresso™ does for Risk Assessments. QBO did not eliminate all the work associated with accounting, what it did was transform accounting from a necessary evil, something to be avoided at all costs and/or handed over to a third party, to something that a business person could master at some basic to intermediate level.
Expresso™ comes pre-populated with (T)hreats, (V)ulnerabilities, and potential business (I)mpacts to your organization making the calculation of (R)isks easier than the tedious process that our competitors offer. In addition to pre-populating of Threats, Vulnerabilities and Impacts, Expresso™ allows you to modify all pre-populated data in a manner that best fits your organization.
The following list summarizes Expresso's principal features. Expresso™:
Expresso™ "productizes" the equation and the process that emerges from the NIST methodology as depicted in the graphic below:
Expresso™ provides the following:
Expresso™ provides visible, demonstrable evidence of your organization's compliance with the HIPAA Security Rule's Risk Assessment requirement. When combine with the rest of our Subscription Plan we provide the most comprehensive set of products available, at a price point unmatched elsewhere.