This Information Risk Management Policy outlines the guidelines and procedures for the management of information risks within the Netspective Communications LLC. [FII-SCF-020-RSK-01]
-
Netspective Communications LLC must appropriately manage any system or process that supports business functions for information risk and conduct information risk assessments, at a minimum annually, as part of a secure system development life cycle. [FII-SCF-019-PRM-07]
-
Netspective Communications LLC must conduct information security risk assessments for new projects, implementations of new technologies, significant changes to the operating environment, or in response to the discovery of a significant vulnerability.
-
Netspective Communications LLC are responsible for selecting the risk assessment approach you will use based on your needs and any applicable laws, regulations, and policies.
-
Netspective Communications LLC must document the results of the risk assessment and the decisions made based on these results. [FII-SCF-020-RSK-07]