Policies and Controls

Apart from https://releasemanagement.atlassian.net/wiki/spaces/TRUSTRM/pages/2615574565 we have a number other publicly available policies below to review. There is also a standard package of “internal' policies available on demand.

Publicly Available

On Demand

The following list of “internal“ policies could be provided as standard package for your InfoSec team for review and evaluation after mutual NDA is signed. Our VP, Engineering & Compliance Manager would be happy to conduct a session with your InfoSec team to go over it and address any concerns you might have.

You can also review our Security, Confidentiality, Availability commitments here:

https://app.eu.vanta.com/y2engineering/trust/jadow9kbntscclqspimuxq
  • Code of Conduct

  • Human Resource Security Policy

  • Information Security Policy

    • Information Security Roles and Responsibilities Policy

    • Access Control Policy

    • Bring Your Own Device Policy (BYOD)

    • Asset Management Policy

    • Data Management Policy

    • Cryptography Policy

    • Physical Security Policy

    • Secure Development Policy (Secure SDLC)

    • Operations Security Policy

    • Incident Response Plan

    • Business Continuity and Disaster Recovery (BC/DR)

    • Third-Party Management Policy

  • Risk Management Policy

  • Other Policies

    • Network Security Policy - Configuration and Hardening Standards

    • Logging and Monitoring Policy

    • Patch Management Policy