This Cyber Risk Assessment agreement is designed for use when an organization requires a comprehensive evaluation of its cybersecurity posture under Swiss law. The document is particularly relevant in today's digital landscape where organizations face increasing cyber threats and regulatory scrutiny. It provides a legally sound framework for conducting technical security assessments while ensuring compliance with Swiss federal regulations, including the Federal Act on Data Protection (FADP/DSG) and relevant FINMA guidelines. The agreement covers essential aspects such as assessment scope, methodology, data handling protocols, and reporting requirements, while incorporating specific provisions for various types of technical testing and analysis. This document is crucial for organizations seeking to understand and mitigate their cyber risks while maintaining regulatory compliance and protecting both parties' interests.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Your data doesn't train Genie's AI
You keep IP ownership聽of your docs
Alternatively...
1. Parties: Identification of the service provider (assessor) and the client organization, including their legal details and registered addresses
2. Background: Context of the agreement and brief overview of the purpose of the cyber risk assessment
3. Definitions: Detailed definitions of technical terms, key concepts, and abbreviated terms used throughout the agreement
4. Scope of Services: Detailed description of the cyber risk assessment services to be provided, including methodology and approach
5. Client Obligations: Responsibilities and obligations of the client, including providing access, information, and cooperation
6. Service Provider Obligations: Responsibilities and obligations of the assessor, including professional standards and qualifications
7. Timeline and Milestones: Project timeline, key milestones, and delivery dates for various assessment phases
8. Fees and Payment Terms: Detailed breakdown of fees, payment schedule, and any additional costs
9. Confidentiality: Provisions for handling confidential information and data protection requirements
10. Intellectual Property: Ownership and usage rights of assessment results, reports, and methodologies
11. Liability and Indemnification: Limitation of liability, indemnification provisions, and professional liability insurance requirements
12. Term and Termination: Duration of the agreement and conditions for termination
13. Force Majeure: Provisions for handling circumstances beyond reasonable control
14. Governing Law and Jurisdiction: Specification of Swiss law as governing law and jurisdiction for dispute resolution
15. General Provisions: Standard boilerplate clauses including severability, entire agreement, and amendments
1. Penetration Testing Authorization: Specific authorization and scope for penetration testing activities, used when penetration testing is part of the assessment
2. Third-Party Access: Provisions for involving third-party contractors or specialists, used when external expertise is required
3. Cloud Services Assessment: Specific provisions for assessing cloud-based infrastructure, used when client uses cloud services
4. International Data Transfers: Provisions for handling international data transfers, used when assessment involves cross-border data flows
5. Business Continuity: Provisions for ensuring business continuity during invasive assessment procedures, used for critical infrastructure clients
6. Regulatory Compliance: Specific provisions for regulated industries (e.g., financial services, healthcare), used when client is subject to specific regulatory requirements
7. Emergency Response: Procedures for handling critical vulnerabilities discovered during assessment, used for high-risk environments
1. Schedule A - Assessment Methodology: Detailed description of the assessment methodology, tools, and techniques to be used
2. Schedule B - Scope of Systems: Detailed list of systems, networks, and applications to be included in the assessment
3. Schedule C - Service Level Agreement: Specific service levels, response times, and performance metrics
4. Schedule D - Fee Schedule: Detailed breakdown of fees, rates, and payment milestones
5. Schedule E - Report Template: Template and format for assessment reports and deliverables
6. Schedule F - Security Requirements: Specific security requirements and protocols to be followed during the assessment
7. Appendix 1 - Contact Details: Key contact persons and escalation matrix for both parties
8. Appendix 2 - Technical Requirements: Technical prerequisites and requirements for conducting the assessment
9. Appendix 3 - Compliance Checklist: Checklist of relevant compliance requirements and standards to be assessed
Authors
Find the document you need
Hazard And Risk Assessment
A Swiss-compliant workplace safety document that identifies, analyzes, and provides control measures for occupational hazards and risks.
Download
Low Voltage Directive Risk Assessment
A technical safety assessment document for low voltage electrical equipment compliance under Swiss regulations and aligned European standards.
Download
Risk Assessment Questionnaire For Banks
A FINMA-compliant risk assessment questionnaire for banks operating in Switzerland, designed to evaluate and document various banking risks under Swiss regulatory requirements.
Download
Vendor Risk Assessment Questionnaire
A Swiss law-compliant questionnaire for assessing vendor risks, regulatory compliance, and operational capabilities.
Download
Supplier Security Assessment Questionnaire
A Swiss-compliant security assessment questionnaire for evaluating suppliers' security controls and data protection measures under Swiss federal regulations.
Download
Last Minute Risk Assessment
A Swiss-compliant safety document for rapid workplace risk evaluation and mitigation before commencing immediate work activities.
Download
Criticality Assessment Matrix
A Swiss law-governed framework for systematically assessing and categorizing business-critical processes, systems, and assets, incorporating local regulatory requirements and risk management standards.
Download
Security Assessment Report
A comprehensive security evaluation document that assesses organizational vulnerabilities and provides remediation recommendations, aligned with Swiss federal regulations and security standards.
Download
Cyber Risk Assessment
Swiss-law governed agreement for conducting professional cyber risk assessments, ensuring compliance with local data protection and cybersecurity regulations.
Download
Fire Risk Assessment Plan
A Swiss-compliant fire risk assessment document detailing fire safety measures, emergency procedures, and risk controls in accordance with VKF/AEAI guidelines.
Download
Risk Assessment Plan
A Swiss-compliant document that systematically assesses and outlines plans to manage organizational risks, following federal safety regulations and standards.
Download
骋别苍颈别鈥檚 Security Promise
Genie is the safest place to draft. Here鈥檚 how we prioritise your privacy and security.
Your data is private:
We do not train on your data; 骋别苍颈别鈥檚 AI improves independently
All data stored on Genie is private to your organisation
Your documents are protected:
Your documents are protected by ultra-secure 256-bit encryption
We are ISO27001 certified, so your data is secure
Organizational security:
You retain IP ownership of your documents and their information
You have full control over your data and who gets to see it
