The purpose of this Information Security Policy ("Policy") is to describe Accorp Partner Company's security policy regarding customer information, including how we secure their confidential information in our services.
Specifically, this Policy is intended to identify Accorpartner’s policies, procedures, and auditing and training practices utilized for Information Security, data security, and our resulting responsibilities to protect client’s confidential information from loss, misuse, unauthorized access, disclosure, alteration and destruction.
Accorp provides its customers with Auditing services and GDPR compliance services. In this capacity, we do not own or control any of the information we access on behalf of our customers; all such information is owned and controlled by our customers. This customer information is stored in a secure facility of a third-party independent data processor service provider on hardened systems using industry standard data security methods. Access to this information is restricted to authorized personnel only as dictated by operational policies. This information may be stored on Accorp's internal computer network or in offline filing systems. Access to this information is restricted to authorized personnel only as dictated by operational policies.
The following sections describe Accrorp's comprehensive approach to ensuring enterprise-wide compliance with its Policy. This consists of four (4) major areas: Security, Personnel security awareness, Audits and Contracts.
Security of data is the cornerstone of verifying confidentiality and privacy of data. Accorp Company maintains a rigorous security posture through focused methodology. It is founded on the implementation of best practices and security policies in five (5) major areas providing enterprise wide coverage including:
The above referenced policies and procedures are documented and available for review.
Our personnel consist of employees and contractors.
Accorp regularly notifies and reinforces its Security Policy with its personnel. This is done using the following process:
This Security Policy is self-verified periodically by Accorp's Security Officer. The Security Officer is responsible for:
In addition, Accorp Company, through its internal audit processes, conducts an audit of its security controls a minimum of once per year. This independent review assesses the physical security, network security and operational policies and controls in place to protect customer data. The latest copy of the security review is available to customers, personnel and prospects upon request.
Copyright © 2019 All rights reserved.