Please Read Before Completing the Security Assessment
事務局(Customer Support) avatar
対応者:事務局(Customer Support)
一週間前以上前にアップデートされました

Thank you for your cooperation in the Assured security assessment. Some points to keep in mind when answering our security assessment.

How to answer the security assessment

With Assured' security assessment platform, you can manage the security measures and postures of your product by completing our security assessment. Each assessment result can be RE-USED. It's recommended to create ONE assessment result per product; consider your organizational structure and infrastructure if necessary.

Tips for Answering

  • User companies will have direct visibility of the provided answers. For internal notes, USE the MEMO feature.

  • If the response varies based on factors such as higher-tier plans or attached options, please select "Condition Applies" and provide details of the conditions under which it applies.

  • If using outsourced/third-party providers and/or relying on other cloud services (ex. IaaS), consider their security measures for overall product security.

  • If security measures are implemented but not publicly disclosed, select applicable options and note "Details not publicly available." DO NOT just select "Undisclosed."

Instructions for answering on the console

How to Select Options/Answers

On your account's console, you can select the appropriate option(s) by clicking on the checkbox for each question and completing your answer by clicking the "Answer" button.

For questions where "Condition Applies" is available, you can toggle between "Not Applicable," "Applicable," and "Condition Applies" by clicking the checkbox multiple times. You can determine this through the indicator at the bottom of the checkbox.

After completing assessment

After completion of answering all questions, please click "Request Review" at the top left corner of the screen.

Examples and Acknowledgements

Keep in mind that your responses can be reused and re-shared with different companies.

User companies will have direct visibility of the provided answers. For internal notes, USE the MEMO feature. Also, DO NOT include a specific client’s name in the answers.

Answer Examples

Good

Question: Is it possible to output the list of service users' accounts as a CSV file?

Answer: Yes

Note: We do not have a CSV output function, but if you contact us, we can send you a CSV of the account list.

Bad

Question: Is it possible to output the list of accounts of service users as CSV?

Answer: Yes

Note: The list of accounts for Client A is here: https://internal.admin.example.com/csv/a/

For answers based on public information, please include the source of information.

If there is any public information, such as privacy policy or terms of use, please provide a link to it.

Good

Question: Do you use personal information (please state the purpose of use)?

Answer: Yes

Note:

(1) Use for our other services.

(2) To provide information on events, seminars, etc.

Bad

Question: Do you use personal information (please indicate the purpose of use)?

Answer: Yes

Note:

(1) Use for other various services operated by the Company

(2) Invitations to events, seminars, etc.

Please answer not only for the measures implemented by your company but also the security measures for the entire cloud service.

If you use external platforms or subcontractors to provide services, please answer based on their security measures.

Good

Question: Please select the physical security of your data center

Answer: Restrict access by IC card, install surveillance cameras, monitor logs

Note: We are using IaaS.

Bad

Question: Please select the physical security of your data center

Answer: Not Applicable

Note: We use IaaS, so we do not have a data center

If you choose "Undisclosed" for the details of security measures implemented, please indicate so in the supplement.

If the answer is "Undisclosed" even though security measures are implemented, the score will be calculated with the same rating as "not implemented" in the security evaluation.

If you have implemented security measures, please select "Yes/Implemented" as an option and indicate in the supplement that the details are not disclosed.

Good

Question: Do you take backups of your data (please indicate the frequency)?

Answer: Yes

Note: Yes, but the frequency is not disclosed.

Bad

Question: Do you back up your data (indicate the frequency in the supplement)?

Answer: Undisclosed

Note: Yes, but the frequency is not disclosed.

こちらの回答で解決しましたか?