Compliance

How do we ensure that we’ve got your back when it comes to various compliances?

Data security, Privacy laws and IT controls:

In an attempt to comply with the most stringent of data privacy and client confidentiality laws, we invest heavily in our IT infrastructure and controls, employing reputed vendors and services. For instance, we use ‘Amazon Web Services’ to purchase server space domiciled in USA. Our IT advisors are ‘Bluecast Technologies’ who are also IT consultants to corporate giants such as Etisalat. To understand the robust IT checks and controls we enforce to prevent data leakage, theft and movement of data outside USA, refer to the “IT Infrastructure” below.


Staff profiling, Independence and employment agreement

Our staff (including partners) have their background profiles screened by a reputable, global background screening company (our current partner being ‘First Advantage’). Profile results may be shared upon request. The staff is also made to sign a Non-Disclosure Agreement and provided training on Data security, Privacy and Independence laws. They would also sign an Independence confirmation on an annual basis to ensure Independence with relation to all restricted entities, the list of which is updated on a real time basis and put up on our Intranet. We have a zero-tolerance policy for breaches of any kind and this is made known and reiterated from time to time to the staff.


Staff competence and training

All employed staff are made to go through rigorous training, both, web based and simulated on-the-job training, before being put into live client service. For information on staff and partner competence please refer to the “Who” section.

IT Infrastructure

Our IT infrastructure and the extent of IT controls we enforce is reflective of our mission to provide our clients quality audit service along with peace of mind on meeting their compliances.

Let’s consider the below.

Amazon Workspaces (AWS)

The entire service is processed on the cloud (nothing on the system hard drive), via AWS which is a managed desktop computing service in the cloud. Since all of the data from a Workspace connection resides on the cloud and not on our laptop systems, your data is secure irrespective of the local system getting corrupt/malfunctioning.

VPN Enabled

We will provide a unique VPN enabled workspace using OpenVPN on our cloud. This will ensure that the traffic is restricted within our network and no third party can access it.

Integrated Portal

We will have Sharepoint enabled services in our workspace to share, organize, and discover information that remains on our selected servers, rather than collaborate over email.

Data Residency Requirements

We meet your data residency requirements by enforcing the Cloud location of our Workspace within the location of your Country.

The controls we have in place include but are not limited to:

  • Desktop and laptop full disk encryption
  • Restriction on usage of removable media (USB drive) on the IT assets
  • Desktop/Laptop firewalls
  • Antivirus and anti-malware software (server, endpoint, gateway)
  • Multi-Factor authentication process

© 2020 Auditree. Web design by Vinndus Technologies