Do you have a business continuity plan? | Yes, ISMS 05, can be provided upon Customer's request. |
Do you have a disaster recovery plan? | Business Continuity Plan, can be supplied to the Customer if requested. |
Do you have a copy of your latest SOC audit? | Maytech do not have a SOC 2 report. Our information security management systems are instead ISO 27001 certified, and audited twice a year by Lloyd's Register Quality Assurance, one of the leading global business assurance providers. The criteria / controls required by the two standards were developed to mitigate similar risks and there is considerable overlap in the criteria defined in the Trust Service Principles of SOC 2 and the controls defined in Annex A of ISO 27001. Both standards provide independent assurance that the necessary controls are in place and whereas ISO 27001 is an international standard with its origin in a British standard, SOC 2 is created and governed by the American Institute of Certified Public Accountants, AICPA. |
Are you able to share the results of any such penetration tests with us? (If so, please confirm any format restrictions. Such as a provision to provide abridged summaries only.) | Maytech can share the management summary and residual risk statement upon Customer request. |
With prior agreement, can we arrange for our own third-party penetration test to be carried out? | Customers may perform penetration testing on Maytech's systems subject to advance written agreement. |