My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Item 26 - Agreement with Allied Network Solutions, Inc. for Adobe Software and Subscription
Clerk
>
Agenda Packets / Staff Reports
>
City Council (2004 - Present)
>
2025
>
01/21/2025 Regular & Special SA
>
Item 26 - Agreement with Allied Network Solutions, Inc. for Adobe Software and Subscription
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
1/27/2025 5:03:20 PM
Creation date
1/21/2025 2:16:24 PM
Metadata
Fields
Template:
City Clerk
Doc Type
Agenda Packet
Agency
Information Technology
Item #
26
Date
1/21/2025
Jump to thumbnail
< previous set
next set >
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
762
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Security and Hosting Overview <br />June 2015 <br />• Compliance <br />As an element of our ISO 27001 compliance, SAP Fieldglass conducts an enterprise -wide <br />risk assessment. Key individuals from every department are interviewed so that risks can <br />be identified. Risks are then evaluated and entered into a risk treatment plan. This plan is <br />managed by the Security team with oversight by the Security Steering Committee. The <br />Security Steering Committee meets on a quarterly basis. <br />1.2.3 Assessments <br />SAP Fieldglass periodically assesses the security controls to review the effectiveness of <br />each control in addressing risk. If SAP Fieldglass' assessment suggests a need for changes, <br />the baseline standard may be changed to include additional controls. <br />Internal Audit <br />SAP Fieldglass conducts quarterly internal audits for critical controls. Evidence is reviewed <br />by our Sr. Compliance Analyst and a formal assessment report is prepared. Failed controls <br />are made visible by this process so they can be remediated. Executive sign off on the <br />internal audit reports is required. <br />External Audit <br />SAP Fieldglass also contracts with third parties on an annual basis to perform formal <br />security audits on the following: <br />• ISO 27001 surveillance audit <br />• SSAE 16/ISAE 3402 Type 2 SOC1 audit <br />• SSAE 16 Type 2 SOC2 audits in the Trust Services Principles for: <br />• Security <br />• Availability <br />• Processing Integrity <br />• Confidentiality <br />• SSAE 16 Type 1 SOC2 audit in the Trust Services Principle for Privacy (Type 2 audit <br />scheduled for Q3 2015) <br />• Network penetration test <br />• Application penetration test <br />These assessments allow SAP Fieldglass to maintain an appropriate security posture in <br />order to protect the company and its systems, as well as its customers' data. <br />We are currently working with ourthird party audit partner in bringing our EU datacenters <br />into scope for our 2015 ISO 27001 audit and SSAE 16/ISAE 3402 Type 2 SOC1 and SOC2 <br />examinations. <br />SAP Fieldglass , 7 1 21 <br />
The URL can be used to link to this page
Your browser does not support the video tag.