LogoLogo
v2021-07
Current Versionv2018-04v2019-09v2019-11v2020-03v2020-05v2020-08v2021-01v2021-07v2021-10
v2021-07
Current Versionv2018-04v2019-09v2019-11v2020-03v2020-05v2020-08v2021-01v2021-07v2021-10
  • Welcome
  • FundApps Policies
    • Technical & Platform Overview
    • Software Development
    • Risk Management
      • Risk Management Framework
      • Information Asset Register
      • Information Systems Register
      • Data Classification and Protection Standard
    • Information Security Management System
      • Information Security Management Policy
      • Scope
      • Statement of Applicability
      • Objective Plan
      • Roles, Responsibilities and Organisation
      • Performance Evaluation
      • Internal Audit Policy
      • Internal Audit Plan 2021
      • Continual Improvement Process
      • Internal and External Communication Plan
      • Document Control Policy
    • Information Security Policies
      • Client Services Access to Client Environments
      • Employee Guide
      • Security Awareness Program
      • Social Media
      • Access Control
      • Physical Security
      • Network Security
      • Logging, Monitoring and Alerting
      • Incident Response
      • Data Backups
      • Privacy Policy
      • Vulnerability Management Policy
      • Security Exception Management Policy
      • Information Security Risk Register
      • Data Retention Policy
      • Patch Management Policy
    • Business Continuity
      • Business Continuity Management System
      • Business Continuity Policy
      • Business Continuity Risk Register
      • Technical Resilience
      • Business Continuity Documents
    • Personnel & Safety
      • Overview
      • Code of Conduct
      • Health and Safety
      • Third party vendors
  • Policy Change Log
    • July 2021
    • January 2021
    • August 2020
    • May 2020
    • March 2020
    • November 2019
    • September 2019
Powered by GitBook
On this page
  • Objective
  • Scope
  • Policy
  • Raising Exceptions
  • Approving Exceptions
  • Recording Exceptions
  • Reviewing Exceptions

Was this helpful?

Export as PDF
  1. FundApps Policies
  2. Information Security Policies

Security Exception Management Policy

Objective

The purpose of this policy is to define the way in which FundApps raises, approves, records and reviews exceptions to its information security policies.

Scope

This policy applies to all exceptions to FundApps' security policies.

Policy

Raising Exceptions

All exceptions must be raised to the Information Security Lead, the CTO or the CEO in a timely fashion once they have been detected.

Approving Exceptions

Exceptions must be approved by the Information Security Lead, the CTO or the CEO.

Recording Exceptions

Exceptions must be recorded in the Security Exception Log here[Restricted to FundApps staff].

Reviewing Exceptions

Exceptions will be reviewed by the Information Security Lead yearly.

PreviousVulnerability Management PolicyNextInformation Security Risk Register

Last updated 3 years ago

Was this helpful?