frp_2024_sustainability_resiliency_report_v05.pdf

DATA SECURITY & CUSTOMER PRIVACY

Foundation Risk Partners has stringent policies around data security and customer privacy.

We have a security assessment policy that applies to all FRP information systems and information system components. FRP periodically assesses the security controls in organizational information systems to determine if the controls are effective in their application. Both security and vulnerability assessments are performed by internal staff ensure appropriate levels of coverage and oversight are maintained.

Internal vulnerability scans are performed monthly and external scans are performed at minimum quarterly. All vulnerabilities are addressed immediately and tracked via internal ticketing system.

We routinely scan our network and applications for unauthorized access through our network and security vendors. FRP enforces enterprise - wide security procedures for web sites, applications, databases, servers, networks, desktops and other endpoints, which are regularly monitored and assessed. Our processes and workflow are designed and reviewed regularly by our General Counsel.