Entity has a documented Confidentiality Policy, and makes it available for all staff on the company employee portal.

Sep 08, 2023

Entity has a documented Vendor Management Policy that provides guidance to staff on performing risk assessment of third-party vendors.

Sep 08, 2023

Entity has a documented Risk Assessment and Management Policy that describes the processes in place to identify risks to business objectives and how those risks are assessed and mitigated. The objectives incorporate Entity’s service commitments and system requirements.

Sep 08, 2023

Entity identifies vulnerabilities on the company platform through annual penetration testing exercise conducted by a qualified third party service provider.

Sep 08, 2023

Entity’s Production assets are continuously monitored to generate alerts and take immediate action where necessary

Sep 08, 2023

Entity’s infrastructure is configured to review and analyse audit events for anomalous or suspicious activity and threats

Sep 08, 2023