Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Does your Vendor have an Information Security Policy or Program addressing confidentiality, integrity, and availability of their facilities, systems and the information in their possession and control? 
Oracle NetSuite has extended the ISO 27001 Information Security Management System to include the ISO 27018 control set, demonstrating protection and adequacy for processing Personal Information as a Public Cloud Hosting Provider. 

Is Are user data, extracts or summaries used for any other purpose other than providing Service? 
No, customer data is not used for anything other than providing Service.  

Is there a Business Continuity plan for the Service with Recovery Point Objective (RPO) and Recovery Time Objective (RTO) metrics? 
There is no formal Business Continuity plan with ROP RPO and RTO objectives.