Organizational Security Policy

Policy is the First Step in Implementing Cybersecurity

Security Assessment

POL.CA.L2-3.12.1

Planet Security, Inc. shall assess the security controls applied to the CPE/SPE to determine if the controls are effective in their application.

Planet Security, Inc. shall assess the security controls applied to the CLIENT operating environment during our annual visit to determine if the operational controls are effective in their application.

POL.CA.L2-3.12.2

Planet Security, Inc. shall develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in the CPE/SPE and at the client operating environment.

POL.CA.L2-3.12.3

Planet Security, Inc. shall monitor the CPE/SPE on an ongoing basis to ensure the continued effectiveness of the required security controls. (NIST SP800-171).

Planet Security, Inc. shall annually assess the CLIENT operating environment to ensure the continued effectiveness of the required operational security controls. (NIST SP800-171).

POL.CA.L2-3.12.4

Planet Security, Inc. shall develop, document, and periodically (Annually or when a significant change occurs) update system security plans for the CPE/SPE environment that describe system boundaries, system environments of operation, how security requirements are implemented, and the relationships with or connections to other systems.

For questions regarding this Information Security Policy, please reach out to your Planet Security, Inc. Support Engineers using Signal.