BriteCore RFI

Application Security

To provide our clients with the exceptional service, uptime, and availability our clients require, we are proactive and vigilant in our efforts to produce and maintain a stable, secure environment for products and services. We closely monitorall systems critical to the daily support and operations of BriteCore staff, carriers, and their customers.

Questionnaire

  1. Is application development performed?

    Yes.

  2. Is there an operational change management / change control policy or program that has been approved?

    Yes, we have an operational change management program that has been approved by management, communicated to appropriate constituents, and to an owner for maintenance and review.

  3. Is there an anti-virus / malware policy or program in place?

    Yes.

  4. Is there a formal Software Development Life Cycle (SDLC) process?

    Yes.

  5. Are systems and applications patched?

    Yes.

  6. Is a web site supported, hosted or maintained that has access to Scoped Systems and Data?

    Yes, the scoped system is a website.

  7. Are vulnerability tests (internal/external) performed on all applications at least annually?

    Yes, we perform quarterly third party scans and monthly internal scans.

  8. Are encryption tools managed and maintained for Scoped Data?

    Yes.

  9. Is there an annual schedule of required tests?

    Yes.

  10. Are BC/DR tests conducted at least annually?

    Yes.