Compliance Audits and External Communications¶
2026.1
Changineers may be requested occasionally to share additional details regarding its compliance, privacy and security program by an external entity such as a customer, media, legal or law enforcement. Such external communication, beyond what is already publicly published, needs to comply with the following policies and procedures.
Policy Statements¶
Changineers policy requires that:
(a) Changineers operations must comply with all applicable laws, regulations, security standards and frameworks. External audits shall be conducted accordingly to each applicable compliance requirement.
(b) All external communications related to compliance and customer/employee privacy must follow pre-established procedures and handled by approved personnel. This includes but is not limited to distribution of audit reports, assessment results, incidents and breach notification.
(c) Audit and compliance reports may be shared with an external party only when under signed NDA and approved by Changineers Security and/or Privacy Officer.
Revision History¶
| Date | Summary | Approved by |
|---|---|---|
| 2020-01 | Initial revision. | James Gregory |