Our information security controls implement the appropriate safeguards to ensure the safe functionality of systems, applications, and services.

These activities are performed consistent with our risk strategy and support the ability to limit or contain the impact of a potential information security event. Controls in this category focus on helping us understand the following:

  • How user accounts are being managed;
  • Established maintenance plans to keep the system patched and secure;
  • Change control processes;
  • End user security training & awareness; and
  • Baseline configuration hardening that is in place.