To ensure good security practices, Structural recommends the following:
- Structural encourages customer organizations to implement sound and consistent internal controls regarding general IT system access and system usage.
- Customers should deactivate user accounts for any users who have been terminated and are no longer with the customer organization.
- Changes to customer data should be appropriately authorized and completed in a timeline manner.
- For customers who send data to Structural, data should be protected by appropriate methods to ensure confidentiality, privacy, integrity, availability, and non-repudiation. It’s encouraged that customers implement appropriate controls requiring additional approval procedures for critical transactions relating to Structural’s services.
- Customers should report to Structural in a timely manner any material changes to their overall control environment that may adversely affect services being performed by Structural.
- Customers are responsible for notifying Structural in a timely manner of any changes to personnel directly involved with administrative services performed by Structural.
- Customers are responsible for adhering to the terms and conditions stated within their contracts with Structural.
Please note, the list of customer control considerations presented above do not represent a comprehensive set of all the controls that should be employed by our customer organizations.
If you have any further questions or concerns, please contact us using the link below.