P13. Security oversight

The company should clearly disclose information about its institutional processes to ensure the security of its products and services.

Elements
  1. Does the company clearly disclose that it has systems in place to limit and monitor employee access to user information?
  2. Does the company clearly disclose that it has a security team that conducts security audits on the company’s products and services?
  3. Does the company clearly disclose that it commissions third-party security audits on its products and services?

Research guidance

Because companies handle and store immense amounts of information about users, they should have clear security measures in place to ensure this information is kept secure. We expect companies to clearly disclose that they have systems in place to limit and monitor employee access to user information. We also expect the company to clearly disclose that it deploys both internal and external security teams to conduct security audits on its products and services.

Potential sources:

  • Company privacy policies
  • Company security guide