Is the use of Tik Tok prohibited in Tax Systems environment due to concerns over data protection, and in line with the actions of UK government?
Security Knowledge Base
Find all your answers here
- Does Tax Systems adhere to Information Security Standards?
- What is the scope of Tax Systems ISO 27001 Certification?
- What are the boundaries for the Tax Systems ISO 27001 Certification?
- Are there any exclusions in the Tax Systems ISO 27001 certification?
- Are there any ISO 27001 Controls that are ‘Not Applicable’?
- Do you have a SOC report?
- Is Tax Systems SOC 1 or SOC 2 certified?
- What mandatory policies does Tax Systems have in place?
- Are Tax Systems services security tested?
- Does Tax Systems undergo an audit or review and how frequently?
- Do you block third parties from connecting remotely to your environments?
- Do you configure remote access methods to prevent unauthorised connections?
- Do you periodically review the router / firewall logs, validating filter operation?
- Do you allow only authorised ports and services?
- Do you have a process on how permissions are granted to access the firewall?
- Is the production environment isolated from development or user acceptance test network?
- Is the use of Tik Tok prohibited in Tax Systems environment due to concerns over data protection, and in line with the actions of UK government?
- Does Tax Systems classify information?
- Who owns the data stored by Tax Systems?
- Will Tax Systems have access to customer data?
- Does Tax Systems share customer data with 3rd parties?
- What are 3rd party rights over access to customer data?
- How can data be retrieved?
- What happens to it if I stop using the service?
- How will Tax Systems protect my stored data?
- How long does Tax System retain customer data?
- Does Tax Systems use firewalls?
- Does Tax Systems use URL filtering?
- How does Tax Systems protect from malicious emails?
- Does Tax Systems protect laptops from malware?
- Does Tax System monitor vulnerabilities out of hours?
- Can customers view the results of independent tests?
- Are Tax Systems solutions independently tested?
- How often are security risk assessments done?
- Who does Tax Systems monitors for Information Security attacks?
- How does Tax Systems protect laptops from unauthorised use?
- Is Tax Systems Cyber Essentials certified?
- What ISO 27001 Statement of Applicability (SOA) controls are ‘Not Applicable’ for Tax Systems certification?
- Does the Tax Systems ISO 27001 scope cover the services provided to customers?
- How often are reviews conducted on policy?
- How does Tax Systems manage risk?
11
- Does Tax Systems monitor compliance with the policy and are the consequences of non-compliance clearly documented and communicated?
- How often does Tax Systems review its policies?
- What is Tax Systems plan for Disaster Recovery in the event that the UK South Region becomes unavailable?
- Does Tax Systems require all employees and contractors associated with the services provided , to periodically sign that they understand and are awareness of security policies and procedures?
- Does Tax Systems communicate the information security policy to all employees, contractors and service providers?
- Does Tax Systems have a Clear Desk policy?
- Does Tax Systems have a Bring Your Own Device (BYOD) policy
- Does Tax Systems have a Business Continuity and Disaster Recovery policy?
- Does Tax Systems have an access Control for all standard, privileged and system accounts
- Does Tax Systems have security configuration standards for networks, operating systems, applications, desktops, and mobile technology
- Does Tax Systems have a Disaster Recovery Plan?
- Where are the Tax Systems Disaster Recovery site?
- How often are Disaster Recovery Plans tested?
- How long does Tax Systems estimate it would take to restore service in the event of a disaster?
- What happens to the performance and responsiveness of the UK West Region if the UK South Region is unavailable?
- Is Tax Systems certified to ISO27031?
- What is Tax Systems back up procedure?