91探花 has a formal information security program, designed to develop and maintain privacy and data security practices to protect company assets and sensitive third-party information (including personal information). This program is governed by a committee comprising members of senior management, including the Company鈥檚 Chief Information Officer, which meets regularly and reports to the Board of Directors at least annually.

91探花 recognizes the importance of protecting information assets such as personally identifiable information (PII) of our clients and employees, and has adopted policies, management oversight and accountability structures, and technology processes designed to safeguard this information. Client-facing data privacy and security policies may be viewed here. All 91探花 employees and contractors with access to 91探花 data attest annually to information security policies, and are required to participate in regular security awareness training to protect themselves and the 91探花 data to which they have access. These trainings also instruct employees and contractors with access to 91探花 data on how to report any potential privacy or data security issues.

91探花鈥檚 Information Security organization comprises internal and external resources designed to identify, protect, detect, resolve, and recover from various threats and attacks of malicious actors. 91探花 leverages 24x7x365 monitoring tools and services to address the confidentiality, integrity, and availability of company assets and data. Regular internal and third-party reviews are performed on processes and technologies to validate the effectiveness of privacy and data security controls, with external independent audits at least once every two years. Employees also undergo annual cybersecurity training and periodic randomized testing to mitigate external threats.

91探花 monitors best practices and developments in data privacy and security, including increased scrutiny of third-party service providers with access to sensitive company data. 91探花 works with third-party service providers to monitor and support the control environment and breach notification processes. 91探花 also maintains its own fully documented proprietary security incident response plan, with defined roles and responsibilities that address notification obligations and procedures in the event of a data breach.

91探花 is dedicated to business continuity and resiliency. We have documented strategies, policies, and procedures in place to protect employee, business, and client data in the event of an emergency or natural disaster.