We’ve migrated our documentation to a new site, which means some URLs have changed.
Subscriptions

Security Policies and Relevant Documentation

Our policies are available to interested parties as part of our ISMS framework. Some examples of topics that are defined in these documents include:

  • Roles and responsibilities in data protection

  • Process of handling data subject requests

  • Process of notifying data breaches

  • Appointment, position, and duties of the data protection officer

  • General principles of information asset care

  • Access and password policy and management

  • Use policy (internet, wifi, devices, printers, home-office, personal / work use, BYOD, etc.);

  • General principles of communication (emails, WhatsApp, messengers, skype, social media, encryption, and protection of messages)

  • General principles of information handling and manipulation with regard to printed and paper documents (information classification and clean desk policy);

  • Principles and processes for subcontractor selection and evaluation of compliance.

  • Internal controls, education, training, reporting, and awareness training;

  • Confidentiality

    In addition to these confidential policies and procedures, Piano also has policies to be shared upon request. These include:

  • Piano Public Acceptable Use Policy

  • Piano Public DRP

  • Piano Public Information Security Policy

  • DPIA template as support for GDPR compliance of our clients

Last updated: