All our clients are highly concerned about the security of their data and want to know who has access and details of that access. We always have current background checks on our employees and often need to have those done again by our client’s vendor at the beginning of an engagement. We are often asked about physical security as well and master agreements usually contain a clause that we can be audited at any point. We have recently added a few new clients in the security industry and faced new questions. We have reported on everything from our pandemic preparedness plan to exactly where each security camera points to where records are stored for our mandatory and frequent security and privacy training for our employees. We’ve needed to assure clients about our USB drive use policies. For our ‘clean desk’ policies we have had to detail how we monitor and how we measure compliance. And those are just a few examples
Happy to say we've passed all the reviews: Could you do the same?