Founded in 2024
Calmo recognises that the confidentiality, integrity and availability of information and data created, maintained and hosted by us are vital to the success of the business and privacy of our partners.
As a service provider/product, we understand the importance in providing clear information about our security practices, tools, resources and responsibilities within Calmo so that our customers can feel confident in choosing us as a trusted provider.
This Security Posture highlights high-level details about our steps to identify and mitigate risks, implement best practices, and continuously develop ways to improve.
Founded in 2024
Controls (41)
Here are the controls implemented at Calmo to ensure compliance, as a part of our security program.
Product security (1)
Situational Awareness For Incidents
Data security (5)
Multi-factor Authentication
Encrypting Data At Rest
Inventory of Infrastructure Assets
Data Backups
Testing for Reliability and Integrity
Network security (6)
Limit Network Connections
External System Connections
Transmission Confidentiality
Capacity & Performance Management
Data used in Testing
Centralized Collection of Security Event Logs
App security (2)
Conspicuous Link To Privacy Notice
Approval of Changes
Endpoint security (3)
Malicious Code Protection (Anti-Malware)
Full Device or Container-based Encryption
Endpoint Security Validation
Corporate security (24)
Code of Business Conduct
Competency Screening
Personnel Screening
Security & Privacy Awareness
Incident Reporting Assistance
Risk Framing
Risk Assessment
Fraud
Third-Party Criticality Assessments
Assigned Cybersecurity & Privacy Responsibilities
Internal Audit using Sprinto
Periodic Review & Update of Cybersecurity & Privacy Program
Management Review of Org Chart
Management Review of Risks
Management Review of Third-Party Risks
Subservice organization evaluation
Subprocessor Requirements
Data Protection Impact Assessment (DPIA)
EU Representative
Testing
Chief Privacy Officer (CPO)
Privacy Act Statements
Asset Ownership Assignment
Data Governance
