Account Vigil
Account Vigil is a compliance tool that includes vital information about the contractual and regulatory obligations associated with an account.
It is a tool-based repository that provides an overview of Account Compliance. It serves as a reference document during security audits and assessments and acts as a guideline for adding, deleting, or modifying business requirements (such as changes to the MSA, additions of PIDs, or changes in operating locations).
Account vigil needs to be filled at account level, where we collect account-related data, including specific controls in accordance with the MSA.
The Security SPOCs or PMO for the specific account must complete the Account Vigil.
Account Vigil has following sections, where respective designated SPOC is required to provide the necessary inputs as applicable-
- Delivery Models
- Account Contractual and Audit Regulatory Requirements
- BCP Requirements
- Client mandate physical security requirements
- Allocation/ de-Allocation Contractual requirements
- Data Protection and Data Privacy
- Endpoint security requirements
- Security Incident reporting requirements
- Vulnerability assessment and penetrating testing requirements
- Third party engagement requirements
- Exception access
- Application
- Software
- Cloud