LogoLogo
Current Version
Current Version
  • Welcome to FundApps' Policy Portal
  • FundApps Policies
    • Technical & Platform Overview
    • Software Development
    • Risk Management
      • Risk Management Framework
      • Information Asset Register
      • Information Systems Register
      • Data Classification and Protection Standard
    • Information Security Management System
      • Information Security Management Policy
      • Scope
      • Statement of Applicability
      • Objective Plan
      • Roles, Responsibilities and Organisation
      • Performance Evaluation
      • Internal Audit Policy
      • Internal Audit Plan for a 3 year cycle
      • Continual Improvement Process
      • Internal and External Communication Plan
      • Document Control Policy
    • Information Security Policies
      • Client Services Access to Client Environments
      • Employee Guide
      • Security Awareness Program
      • Social Media
      • Access Control
      • Physical Security
      • Network Security
      • Logging, Monitoring and Alerting
      • Incident Response
      • Data Backups
      • Privacy Policy
      • Vulnerability Management Policy
      • Security Exception Management Policy
      • Information Security Risk Register
      • Data Retention Policy
      • Patch Management Policy
      • Cryptographic Policy
      • Information Security in Project Management
      • Information Transfer Policy
      • Third Party Risk Management
    • Business Continuity
      • Business Continuity Management System
      • Business Continuity Policy
      • Business Continuity Risk Register
      • Technical Resilience
      • Business Continuity Documents
    • Personnel & Safety
      • Overview
      • Code of Conduct
      • Health and Safety
      • Third party vendors
      • The FundApps Code for Third Parties
  • Legal Information
    • 📖General Terms
      • Fair Usage Policy
      • Third Party Data Provider Terms
    • DORA
      • Operational Resilience Statement
      • Statement on Contractual Compliance
      • Subcontractors and Service Location
      • Threat-Led Penetration Tests (TLPT) Policy
    • 📃Insurance
    • 🌍Carbon Neutral
  • 🤖AI
    • 💬FundApps Assistant (Intercom)
  • Policy Change Log
    • May 2025
    • March 2025
    • January 2025
    • December 2024
    • November 2024
    • October 2024
    • August 2024
    • July 2024
    • June 2024
    • April 2024
    • February 2024
    • January 2024
    • November 2023
    • October 2023
    • September 2023
    • August 2023
    • June 2023
    • February 2023
    • December 2022
    • October 2022
    • September 2022
    • June 2022
    • March 2022
    • February 2022
    • January 2022
    • December 2021
    • November 2021
    • October 2021
    • August 2021
    • July 2021
    • January 2021
    • August 2020
    • May 2020
    • March 2020
    • November 2019
    • September 2019
Powered by GitBook
On this page
  • What we do
  • What we are unable to do

Was this helpful?

Export as PDF
  1. FundApps Policies
  2. Information Security Policies

Client Services Access to Client Environments

At FundApps, we are dedicated to providing the highest support quality while ensuring consistent data confidentiality, integrity, and availability.

As such, there are certain actions we can (and cannot) take on your behalf. The following is a list of some of the work practices you can expect from us:

What we do

  • We use secure virtual desktops to access client platforms.

  • We provide a valid and unambiguous reason every time we log into a client environment (reviewable at any time in the audit trail).

  • We may click the "Validate File" button to troubleshoot failed file validations

  • We may download/export relevant files to conduct necessary analysis to troubleshoot unexpected behaviour (i.e. disclosure documents, positions and portfolio files). These files will only be downloaded to secure virtual desktops and destroyed when no longer required.

  • We may create or edit Companies as part of the environment setup. Subsequent changes must be based on a written request from a client with administrator privileges.

  • We verify all calls made to our support line are from legitimate users of our platform.

What we are unable to do

  • We cannot create or edit any users (except the initial admin users when setting up the environment)

  • We cannot create or edit any data overrides

  • We cannot upload any files to client environments (except disaggregations & imported disclosures as part of the initial setup)

  • We cannot interact with results, except when downloading already generated documents to support

  • We cannot action any tasks, including approving any rules

  • We cannot download any files from a client’s platform anywhere except a secure virtual desktop.

PreviousInformation Security PoliciesNextEmployee Guide

Last updated 2 years ago

Was this helpful?