At Risk Priorities Inc., we are committed to security. Our service (“Service”, “RegTechIQ™”) has been designed and includes multiple layers of protection and comprehensive security to help protect the data that you store in RegTechIQ™.
We all have a part to play in preventing cyber security incidents and mitigating the risks associated with these threats. Whilst we have taken technical measures to provide our Service in a secure manner, the most robust and advanced security measures and controls are all for nothing if users lack awareness related to acceptable security practices. For example, common cyber security attack vectors involve users visiting unsafe websites, downloading files with malicious code, clicking on URLs from suspect sources, and providing user account information to imposters. All of these behaviors significantly increase the risk of unauthorized access to your organization’s networks, systems, resources, and data.
In using our Service, we encourage your organization and users of RegTechIQ™ to be vigilant in guarding against the mentioned attack vectors.
In order to gain access to your organization’s instance in RegTechIQ™, a user is required to input a login ID and password. We encourage your organization’s RegTechIQ™ users to use strong passwords. In addition to password controls, RegTechIQ™ has been designed to provide two-factor authentication. We also encourage your organization to take advantage of this feature in RegTechIQ™, and require your users to use two-factor authentication.
Application Security Policies
RegTechIQ™ has been designed with built-in application security policies, which are available for your organization to use at any time in our Service. We encourage your organization to use all of the application security policy features provided in RegTechIQ™.
We understand that identity and access management can be a complex area and must be nimble to accommodate diverse business and regulatory requirements. In response, we provide you with robust means to help your organization create, manage and assign permissions to the user accounts who have access to RegTechIQ™ and your data. Based on the software trial and subscription plan that you purchase, you have the ability to invite and grant access to a certain number of users. During set-up and any time after, your organization’s designated RegTechIQ™ administrator/s have the ability to assign users with roles, which are granted permissions to modules and resources. These roles and assigned permissions can be customized at any time to fulfill your organization’s unique requirements. In addition, to provide highly robust control over the data that your organization’s users can view in RegTechIQ™, access filters are available to restrict access accordingly. Whilst your organization may have complex access control requirements across multiple jurisdictions, we enable you to seamlessly and securely manage that complexity.
When using RegTechIQ™, we encrypt all data that passes between your organization and RegTechIQ™. This data is encrypted while in transit and also at rest when stored on the RegTechIQ™ infrastructure.
RegTechIQ™ comes with full audit trail and logging and is automatically enabled when you use our Service. In addition, authentication attempts to your instance of RegTechIQ™ are automatically captured, and are available for review by your organization.