Shared responsibility model
  • 31 Oct 2024
  • 1 Minute to read
  • Dark
    Light

Shared responsibility model

  • Dark
    Light

Article summary

The following table shows the roles and responsibilities for guaranteeing the continuity of vital components of the service, deriving from the business impact analysis.

Actors

Board International

Customer

Component

Data Center Redundancy

Physical Infrastructure countermeasures

Board tenant Service Redundancy

Board tenant Service Backups

Customer application Business Continuity*

Customer application Data Backups**

Application level security measures***

Customer Data Encryption

SaaS Cyber-attack countermeasures

Customer applications developed by the customer (Board Data models, Capsules, and Procedures) should be designed and implemented in accordance with best practices, considering the business continuity requirements of the application (i.e. the customer is responsible for testing changes to the data model and capsules before deployment into production).

** The customer is required to manage their own applications’ data and perform data backups

*** The application security layer is designed and developed by the customer during the implementation.

The customer is responsible for:

  • granting new user access and ascertaining that terminated employees have no access to the System, revoked in a timely manner

  • ascertaining that written process instructions for the administration of authorizations exist and include responsibilities, authorization instructions, and authorization administration

  • regularly reviewing the user profiles and the access activities associated to the accounts

  • guaranteeing, by all actors involved, timely intervention in case anomalies occur in their areas of responsibility.


Was this article helpful?