Response SLA

Leadership reply within 24 hours

Delivery Regions

USA, Spain, India, Ecuador, and global remote

Engagement Control

NDA-first, written authorization required

Control Alignment

Mapped to SOC 2, ISO 27001, PCI DSS, HIPAA

Security

Security and confidentiality commitment.

Our delivery model is built for enterprise trust, legal clarity, and controlled data handling.

Version

Security Commitment v4.1

Owner

Office of the CISO

Status

Board-Approved Policy

Last updated

February 19, 2026

Data minimization

Only required engagement data is collected, with controlled retention and secure disposal practices.

Confidentiality controls

NDA-first execution, role-based access, and restricted sharing of engagement artifacts.

Secure collaboration

Approved communication channels, encryption in transit, and protected project workflows.

Governance commitments

01

Authorization

Written authorization and defined rules of engagement required before testing begins.

02

Escalation

Critical issue escalation process for leadership and technical stakeholders.

03

Evidence handling

Controlled storage, access logging, and lifecycle management of findings evidence.

04

Closure assurance

Retest-backed closure confirmation with stakeholder sign-off support.