Our Partners close more business.
Use these powerful resources to win more business, faster, with less effort.
Call 877-411-2220 x121 for personal support with any opportunity.
RESET SEARCH
Hosting Quote Estimator
GET a FREE Sandbox or Trial Environment NOW
How To Use This Tool:
To find answers to common RFP and RFI questions, select a tag, or, search for terms like "security", "performance", etc. You will find common questions and answers grouped together in one record. Follow the tag links to refine your search. Supporting downloads and documentation are available, below.
Please login to obtain download access to additional supporting documentation. Registered users can also contribute to the database. You can request access by Contacting Us.
Supporting Documents
Please note that assets with generic thumbnail require login for access. If you require access please Contact Us.
© Omegabit LLC, 2023
Enter a Search Phrase or Select a Tag
Content with tag nda .
Personnel & Contractors - Rules and Policies
Q:
Acceptable Use? If yes, are they required to sign/acknowledge the policy?
Code of Conduct / Ethics and conflict-of-interest? If yes, are they required to sign/acknowledge the policy?
Confidentiality Agreement / Non-Disclosure Agreement? If yes, are they required to sign/acknowledge the policy?
Are employees and contractors required to comply with security policies in which non-adherence is subject to disciplinary action, up to and including termination and/or civil or criminal liability?
Have you established rules that govern users (employees and contractors) on the expected behavior with regards to information and information system usage?
Do you have an established usage restrictions and implementation guidance for wireless access?
A:
Yes.
Yes.
Yes.
Yes.
Generally speaking, any externalized service is specifically contracted to match or exceed the terms and conditions of any relevant Client project or activity and parties are required to agree to complementary terms of engagement that are commensurate with Client and SLA requirements.
Yes
Personnel & Contractors - Security, Privacy Policy and Training
Q:
Do you have a formal policy regarding security awareness and training?
Do you require employees and contractors to go through Privacy and Security Awareness training upon hiring and annual renewal?
Do you retain individual's training records?
Have you established rules that govern users (employees and contractors) on the expected behavior with regards to information and information system usage?
Are they required to sign/acknowledge Acceptable Use Policy?
Are they required to sign/acknowledge Code of Conduct / Ethics and conflict-of-interest?
Do you have a formal policy regarding security awareness and training?
Do you provide security-related training based on the employees job function as required to perform assigned duties?
Do you require employees and contractors to go through Privacy and Security Awareness training upon hiring and annual renewal?
Is there a formal privacy awareness training program for employees, contractors, volunteers (and other parties, as appropriate)?
A:
ref: IT Security Handbook is provided to each employee upon hire
Yes; please see related answers concerning policies and methods on tab 1.
Trainings are ongoing, role and privilege specific, and typically performed on a one-on-one basis by a qualified supervisor logged as part of private personnel records. Training is segmented by the same basic constructs outlined in the Omegabit IT Security Handbook, plus specific proprietary training that relates to the advanced operation of Omegabit and Client infrastructure. Administrators are only approved to access and operate environments on which they have received specific operational training with supervisory sign-off, or, are the originator and original architect of the environment responsible for documenting and establishing any custom training facets for said environment.
Generally speaking, any externalized service is specifically contracted to match or exceed the terms and conditions of any relevant Client project or activity and parties are required to agree to complementary terms of engagement that are commensurate with Client and SLA requirements.
Yes.
Yes.
Yes.
ref: IT Security Handbook is provided to each employee upon hire
Yes.
Yes.
Omegabit provides awareness training as it relates to the handling of customer information and custom Liferay software design, according to modern PII standards, systematically: relating to all facets of its internal and Client hosted operations. This practice is continuously refreshed to keep pace with evolving threats and industry best practices as part of Omegabit day to day operations, and is disseminated in regular updates to employees. Key procedures are updated and noted by affected personnel. Administrators are specially trained, and updated on any special Client-specific requirements relating to operational security and privacy before being allowed access and control of sensitive Client environments, and are tasked with keeping current with relevant information updates as part of their normal responsibilities. Omegabit hosted and managed environments are ONLY managed by highly-trained personnel with specific awareness and experience with the uniquness of specific customer environment they are assigned to maintain. We do not assign generic administrators or support personnel as is typical of other commodity providers - everyone in contact with the Client and related infrastructure has specific working knowledge, sensitivity, and awareness to the circumstnces of that specific installation, and any related constraints relating to compliance of the Client stack.