Have the data centers successfully passed relevant certifications and audits? Please provide the most recent version of your certification/audit.
Microsoft’s Azure cloud services meets a broad set of international and industry-specific compliance standards, such as ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC 2, as well as country-specific standards like Australia IRAP, UK G-Cloud and Singapore MTCS.
ZingHR Operational center also meets standards like ISO 27001.
Is ZingHR operation center ISO 27001 certified?
Yes, ZingHR Operational center is compliant and certified with ISO 27001:2013
Do you review your applications for security vulnerabilities and address any issues prior to deployment to production?
ZingHR conducts network penetration and application penetration tests of our cloud service infrastructure periodically as prescribed by industry best practices and guidance
Does ZingHR allow customers to audit?
In the United Hosting environment ZingHR application is multi-tenant in nature, access to customers for audit is restricted. However at ZingHR we regularly conduct third party audit, penetration tests and reports on these tests can also be shared on request. Customer can review security controls, audit reports and can Interview Security personnel of ZingHR on request.
Does ZingHR performs risk assessment and risk treatment?
Yes, ZingHR security team performs Risk Assessment in all domains like strategic, Financial , Regulatory , Compliance , management , Operational, Technical etc. The purpose of this process is to prevent Loss, damage or compromise of information assets and possible interruption to business activities and proactively analyze Compromise or theft of information and information processing equipment. Risk is the net negative impact of the
exercise of a vulnerability, considering both the probability and the impact of occurrence. Risk management is the process of identifying risk, assessing risk, and taking steps to reduce risk to an acceptable level.