Are IS Systems subject to audit at Xoxoday and does the audit process ensure business disruption is minimised?
Is there a process to ensure information security events are properly assessed and classified at Xoxoday?
Does Xoxoday have a policy governing information classification and is there a process by which all information can be appropriately classified?
Is there an established process at Xoxoday to accept new systems / applications, or upgrades, into production use?
Is there a process for reporting of identified information security weaknesses at Xoxoday and Is this process widely communicated?
Is there a process to risk assess and react to...
Onboarding & Launch Kit
Groups & Communities
Feeds & Announcements
Rewards & Recognition
Quick Access Bar
Save (Perks & Benefits)
Compass Mobile App
Cancellations & Refunds
Is there a process to risk assess and react to any new vulnerabilities as they are discovered at Xoxoday?
We have quarterly VAPT performed on the entire application by a third-party security auditor.
Did this answer your question?
Thanks for the feedback!