Entity maintains a list of all contractual obligations based on customer contracts

Sep 08, 2023

Entity ensures that the Disaster Recovery Plan is tested periodically and learnings documented

Sep 08, 2023

A clear desk policy for papers and removable storage media and a clear screen policy for information processing facilities shall be adopted.

Sep 08, 2023

Entity ensures that Subject Access Requests are being honoured in accordance with the Privacy Policy

Sep 08, 2023

Entity conducts Data Protection Impact Assessments periodically in order to assess the regulatory risks associated with processing of personal data

Sep 08, 2023

Entity ensures that appropriate remediation measures are in place when personal data is shared with vendors as a part of its processing activities

Sep 08, 2023