Compliance

Security, Compliance, Reliability & Privacy

Industry Frameworks for Trust and Security

Our organization’s controls are suitably designed and operating effectively to meet the applicable trust services criteria as well for industry frameworks.

SOC2

SOC 2 (System and Organization Controls) is a regularly refreshed report that focuses on non-financial reporting controls

SOC3

SOC 3 (System and Organization Controls) is a regularly refreshed report that focuses on internal controls

PCI - DSS

The Payment Card Industry's Data Security Standard is an information security standard for the handling of credit card information.

HITRUST

The HITRUST CSF is an industry-agnostic framework for regulatory compliance and risk management.
Vendor Management and Security Assessment Program

Our data centers, co-location, and managed service providers undergo a thorough security assessment as a part of the evaluation process and then undergo regular SOC1, SOC2 and/or ISO/IEC 27001, PCI and HITRUST audits thereafter. In the event these audits have material findings, which present risks to BraveSoft or our clients, we work closely with the vendor to track their remediation efforts until the issue has been resolved

SLA Response for Severity Issues

1
Minute SLA for Severity 1 Incidents
1
Hour Regular Update Communications
1
Minute on Average Incident Response
Scroll to Top
Menu