The purpose of RevCult’s Commitment to Security Statement is to provide our Clients and prospective “Clients” a description of the company’s commitment to safeguarding their information.
Our responsibility to our Clients includes assessing policies and company guidelines to address the ever-changing security landscape, evaluating our security controls, monitoring unauthorized access, and having a response strategy in place in the event that an emergency response is needed. At all levels of the company, we are invested in safeguarding Client data. We acknowledge that it is our duty to issue a swift and immediate response in the event that RevCult’s security controls were to be compromised.
RevCult commitment to security encompasses the following key areas:
Internal Risk Committee and Executive Leadership
- RevCult has established an Internal Risk Committee (IRC) to oversee privacy and security controls standards. IRC members include a cross-functional group of senior representatives from Software and Services, Product Development, Information Security, Human Resources, and Finance.
- The IRC meets quarterly with Executive Leadership to discuss the ever-evolving security landscape, and to recommend security best practices, as well as the required controls needed to safeguard Client and employee data.
- All RevCult employees are encouraged to meet with members of the IRC to discuss security best practices.
Security Awareness and Training
- All RevCult employees are required to participate in our annual security and awareness training upon hire and thereafter.
- RevCult requires the use of MFA for software containing sensitive data.
- Unauthenticated access to RevCult devices and software are monitored and are prohibited.
RevCult has established and enforces procedures to protect all types of data stored on RevCult information systems and in transmission.
All RevCult employees are provided access to RevCult information and information system(s) in accordance with their assigned duties or functions.
- Physical access is controlled for onsite personnel and business partners to sensitive areas.
- Visitor logs are used to maintain a physical audit trail of visitor activity to sensitive areas.
We value your trust in providing us your Personal Information, thus we are striving to use world class means of protecting it. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security.
RevCult maintains a process for the reporting of security incidents. RevCult takes all suspected incidents seriously and will investigate all suspected incidents as quickly as possible.