Security

Fairmarkit’s information security compliance approach

In order to comply with regulatory, operational, and contractual requirements, Fairmarkit has adopted a risk-based management approach to ensure the confidentiality, integrity, and availability of physical and electronic information assets. This overview of Fairmarkit’s security policies will highlight key areas of information security and Fairmarkit’s policies, processes, and procedures that minimize risk and enforce compliance adherence.

padlock across a fence

All Fairmarkit information assets, as well as all information entrusted to Fairmarkit within its business functions, are protected and handled in accordance with security and data governance at the forefront. All of Fairmarkit’s employees, business partners, and other third parties dealing with sensitive, confidential, or proprietary information assets are held to our security and governance policy standards.

Fairmarkit’s Information Security and Governance Objectives

Information and technology assets are necessary for the execution and performance of Fairmarkit’s business functions. Fairmarkit’s management team, company advisors and board of directors, and other entities engaged to provide services to Fairmarkit are made aware of and understand the importance of delivering the Fairmarkit product and service to our customers and vendor partners with the highest degree of security.

Our security and governance policies, and the security certification standards we adopt, have been adopted to address the following objectives

1

Understand and comply with applicable laws, regulations, and guidelines related to information security and data governance.

2

Protect Fairmarkit’s information assets, including all information entrusted to the company by customers and vendors within our business activities.

3

Ensure our customers’ success with high availability and reliability of Fairmarkit’s infrastructure, technology, and SaaS application.

Initiatives and Practices

In order to meet our information security and governance objectives, Fairmarkit has adopted a comprehensive set of policies and procedures. These policies and procedures are all designed, implemented, and maintained in order to effectively maintain the highest levels of information security and data governance.

Identifies and defines security and confidentiality requirements for all data assets across internal, customer, vendor, and partner information. Our designated Information Security roles (Information Owner, CISO, System Owner, Users) are aligned to best practices for day-to-day operations, regular compliance audits, incident management and communication., and designating a Security Incident Response Team.

Regularly trains all employees and service providers of their responsibility for the protection of business information assets, including: Providing up-to-date information security awareness material, and conducting formal exercises and training for incident identification and management. To ensure that we are capable of continuing all critical business functions in the event of a major incident, Fairmarkit maintains a comprehensive incident protocol and disaster recovery plan which includes communication with all relevant parties in the event of an information security incident. Fairmarkit regularly conducts organization-wide risk assessment exercises regarding business-critical assets, processes, and functions.

Engages with service providers and business partners that meet our information security and governance standards. In the case of IT service providers Fairmarkit engages in order to deliver our services to customers, we select third parties capable of demonstrating the highest levels of physical security standards and practices (e.g. AWS for cloud hosting). In all cases, data privacy and confidentiality is paramount; mutual confidentiality agreements are executed for partnerships where confidential or sensitive business information may be shared.

Proactively identifies and protects personal and sensitive data. Fairmarkit has defined and implemented comprehensive Data Privacy policies and educates employees and business partners on Fairmarkit’s use of data in its business practices. Fairmarkit does not sell or make automated decisions based on personal information. Fairmarkit employees with access to potentially-sensitive and/or personal information are provided additional training on handling this information. Development team members do not have access to production data.

Identifies and implements policies and procedures which align Fairmarkit’s data governance and information security standards to industry-wide best practices. Fairmarkit is targeting the following standards certifications:

Further Information

Fairmarkit’s Information Security and Governance
security@fairmarkit.com

Fairmarkit’s Data Privacy Policies and Processes
privacy@fairmarkit.com