Entity ensures that planned application changes are tested before they are deployed to the Production environment
Entity ensures that all production systems utilize a time synchronization service to help instances maintain accurate time
Entity requires that all employees in client serving, IT, Engineering and Information Security roles are periodically evaluated regarding their Job responsibilities
Entity has established an Information Security Awareness training, and its contents are available for all staff on the company employee portal.
Entity has a documented Vendor Management Policy that provides guidance to staff on performing risk assessment of third-party vendors.