Is there an incident response process which reflects the classification and severity of information security incidents at Xoxoday?
Is there a process to ensure information security events are properly assessed and classified at Xoxoday?
Is there a process for reporting of identified information security weaknesses at Xoxoday and Is this process widely communicated?
At Xoxoday, If the clients' data is being stored in a shared environment
Does Xoxoday have defined and documented policies and procedures around security incident management?
Are there policies mandating the implementation...
Onboarding & Launch Kit
Groups & Communities
Feeds & Announcements
Rewards & Recognition
Quick Access Bar
Save (Perks & Benefits)
Compass Mobile App
Cancellations & Refunds
Are there policies mandating the implementation and assessment of security controls at Xoxoday?
Yes, at Xoxoday We perform quarterly VAPT and have static code analysis via SonarQube
Did this answer your question?
Thanks for the feedback!