StratPro360
  • Home
  • Core Feature
  • Why Us
  • Packages
  • Contact

Information Security & Controls Statement

  • 1. Purpose

    This Information Security & Controls Statement outlines StratPro360’s approach to safeguarding information assets, maintaining system integrity, and ensuring confidentiality, availability, and integrity of client data in line with recognized international standards.

  • 2. Security Governance

    StratPro360 maintains an information security governance framework aligned with the principles of ISO/IEC 27001 and SOC 2 Trust Services Criteria, covering:

    • Information security policies and procedures
    • Defined roles and responsibilities for security oversight
    • Risk assessment and mitigation processes
    • Management review and continuous improvement

  • 3. Access Control

    StratPro360 enforces role-based access controls, including:

    • Least-privilege access principles
    • User authentication and authorization controls
    • Segregation of duties
    • Periodic access reviews and revocation procedures

  • 4. Data Protection

    Client data is protected through:

    • Logical and physical access controls
    • Encryption of data in transit and, where appropriate, at rest
    • Secure configuration and hardening of systems
    • Controlled data processing environments

  • 5. Monitoring & Logging

    StratPro360 implements logging and monitoring controls to:

    • Detect unauthorized access or anomalous activity
    • Support auditability and forensic investigation
    • Maintain traceability of system and user actions

  • 6. Incident Management

    Security incidents are managed through a formal incident response process, including:

    • Identification, classification, and containment
    • Root cause analysis and remediation
    • Client notification in accordance with contractual and legal requirements

  • 7. Business Continuity & Resilience

    StratPro360 maintains business continuity and disaster recovery arrangements designed to support system availability and data integrity in line with enterprise service expectations.

  • 8. Third-Party Risk Management

    Third-party service providers are subject to due diligence and contractual safeguards to ensure alignment with StratPro360’s security and confidentiality requirements.

  • 9. Assurance

    Upon reasonable request, StratPro360 may provide clients with relevant security documentation or third-party assurance reports, subject to confidentiality obligations.

StratPro360

StratPro360 was developed to address the increasing complexity, regulatory scrutiny, and performance expectations facing real estate organizations

Quick Link
  • Home
  • Core Feautres
  • Why Us
  • Packages
  • Contact
Legal & Compliance
  • Terms and Conditions
  • Privacy Statement
  • Terms of Use
  • Information Security & Controls Statement
  • Exit & Data Portability Policy
  • Regulatory & Audit Cooperation Clause