To ensure good security practices, Structural recommends the following:
Structural encourages customer organizations to implement sound and consistent internal controls regarding general IT system access and system usage.
Customers should deactivate user accounts for any users who have been terminated and are no longer with the customer organization.
Changes to customer data should be appropriately authorized and completed in a timeline manner.
For customers who send data to Structural, data should be protected by appropriate methods to ensure confidentiality, privacy, integrity, availability, and non-repudiation. It’s encouraged that customers implement appropriate controls requiring additional approval procedures for critical transactions relating to Structural’s services.
Customers should report to Structural in a timely manner any material changes to their overall control environment that may adversely affect services being performed by Structural.
Customers are responsible for notifying Structural in a timely manner of any changes to personnel directly involved with administrative services performed by Structural.
Customers are responsible for adhering to the terms and conditions stated within their contracts with Structural.
_____________________
Please note, the list of customer control considerations presented above do not represent a comprehensive set of all the controls that should be employed by our customer organizations.
If you have any further questions or concerns, please contact us using the link below.