Controls
Here are the controls implemented at TAG Capital GmbH's Trust Center to ensure compliance, as a part of our security program.
Product security (2)
Situational Awareness For Incidents
Entity maintains a record of information security incidents, its investigation, and the response plan that was executed in accordance with the policy and procedure defined to report and manage incidents.
Centralized Management of Flaw Remediation Processes
Entity tracks all vulnerabilities and remediates them as per the policy and procedure defined to manage vulnerabilities.
Data security (1)
Inventory of Infrastructure Assets
Entity develops, documents, and maintains an inventory of organizational infrastructure systems, including all necessary information to achieve accountability.
Network security (3)
Limit Network Connections
Entity ensures that the production databases access and Secure Shell access to infrastructure entities are protected from public internet access.
Transmission Confidentiality
Entity has set up processes to utilize standard encryption methods, including HTTPS with the TLS algorithm, to keep transmitted data confidential.
Data used in Testing
Entity ensures that customer data used in non-Production environments requires the same level of protection as the production environment.
App security (1)
Conspicuous Link To Privacy Notice
Entity displays the most current information about its services on its website, which is accessible to its customers.
Corporate security (4)
Incident Reporting Assistance
Entity has provided information to customers on how to report failures, incidents, concerns, or other complaints related to the services or systems provided by the Entity in the event there are problems.
Assigned Cybersecurity & Privacy Responsibilities
Entity's Senior Management assigns the role of Information Security Officer who is delegated to centrally manage, coordinate, develop, implement, and maintain an enterprise-wide cybersecurity and privacy program.
Chief Privacy Officer (CPO)
Entity appoints a Privacy Officer to assess and facilitate the entity's compliance with relevant regulatory requirements.
Asset Ownership Assignment
Entity has set up mechanisms to assign and manage asset ownership responsibilities and establish a common understanding of asset protection requirements.
