Compliance

Industry Frameworks for Trust and Security

Our organization’s controls are suitably designed and operating effectively to meet the applicable trust services criteria as well for industry frameworks.

SOC2

SOC 2 (System and Organization Controls) is a regularly refreshed report that focuses on non-financial reporting controls

SOC3

SOC 3 (System and Organization Controls) is a regularly refreshed report that focuses on internal controls

PCI - DSS

The Payment Card Industry's Data Security Standard is an information security standard for the handling of credit card information.

HITRUST

The HITRUST CSF is an industry-agnostic framework for regulatory compliance and risk management.

Vendor Management and Security Assessment Program

Our data centers, co-location, and managed service providers undergo a thorough security assessment as a part of the evaluation process and then undergo regular SOC1, SOC2 and/or ISO/IEC 27001, PCI and HITRUST audits thereafter. In the event these audits have material findings, which present risks to BraveSoft or our clients, we work closely with the vendor to track their remediation efforts until the issue has been resolved

SLA Response for Severity Issues

Minute SLA for Severity 1 Incidents

Hour Regular Update Communications

Minute on Average Incident Response

Compliance

Industry Frameworks for Trust and Security

SOC2

SOC3

PCI - DSS

HITRUST

Vendor Management and Security Assessment Program

SLA Response for Severity Issues

<span data-metadata=""><span data-buffer="">Let’s connect & discuss your needs.

<span data-metadata=""><span data-metadata=""><span data-buffer="">Fill out the form and our team will get back to you within 24 hours.

Schedule a Discovery Call

©2023 Bravesoft.Inc. All rights reserved