Policies & Frameworks (PAFs)
Welue shall documents and publish PAFs named in the table below and as currently available in the URL mentioned against their respective name in the table below and as may be amended/updated by us from time to time. Such PAFs shall be deemed to be an integral part of this agreement.
PAF Name | Located at |
Acceptable Use Policy or AUP | https://multey.com/aup |
Privacy Policy | https://multey.com/privacy |
Security Policy | https://multey.com/security |
Content Policy | https://multey.com/content |
Business Continuity Plan | https://multey.com/bcp |
Disaster Recovery Plan | https://multey.com/drp |
Change Management Plan | https://multey.com/cmp |
Incident Response Process | https://multey.com/irp |
Site Terms | https://multey.com/siteterms |
User Support Guidelines | https://multey.com/support |
Trademark Use Guidelines | https://multey.com/tug |
PAFs shall generally include (but not limited to) the following:
- A documented information security management process and be proven to be operating effectively through periodic internal checks and/or external audits by independent and qualified practitioners.
- Designate a security point of contact at Welue to act as the liaison between you and us.
- Ensure that only individuals with an approved need to know are allowed to access your information, your employee information, and/or your customer proprietary information.
- Data classification system where your information is classified according to its sensitivity.
- Acceptable use policy applicable to all users and enterprises with clearly enumerated cases of prohibited use.
- Adequate controls on change management that requires appropriate validations from Welue?s designated security point of contact for any changes to the applications that could reasonably be deemed to have an impact on the security environment within the Welue organization;
- Incident response plan and related procedures in place for implementation in the event of a security breach, with the procedure, frequency and results of testing of the same. The documented plan and test results report are provided on upon request.
- Audit logging enabled that tracks key user actions.
- Disaster recovery plan and business continuity plan in place to counteract interruptions to business activities and to protect critical business processes from the effects of major failures and disasters; with the procedure, frequency and results of testing the same.
-
INHX Page End Banner