Security and Trust Center

 

House of Control delivers business critical services to its customers.
These trusted services are delivered in line with regulatory and best practice requirements.

Privacy policy

 

Read more about our privacy policy

Processing of personal data

House of Control's Data Processing Agreement - DPA

House of Controls’ subproviders, sub-processors and data locations

House of Control's Privacy Policy

 

Operational Status

 

Find the status of all systems

software as a service

House of Control’s services are delivered as Software as a Service (SaaS). Our trusted platform is built by embedding security throughout the software development and delivery life cycle. We follow rigorous operational security practices such as penetration testing, vulnerability assessments, and strong internal access controls. 

Making our services secure is a key concern for us. House of Control has many customers with high security requirements in regulated industries, and as a supplier we are committed to complying with these requirements. The requirements we implement in our SaaS solution will therefore be available to all our customers.

Information Security management system

House of Control organizes its privacy and security work in an Information Security Management System (ISMS). When processing personal data for customers' users, House of Control will act as a data processor in accordance with the European Data Protection Act (GDPR). House of Control's ISMS describes systems, policies, processes, routines and measures to ensure privacy, confidentiality, integrity and availability of our customers' data.

Our compliance reporting consists of ISAE 3000 and ISAE 3402 Type I attestation reports. ISAE (International Standard for Assurance Engagements) covers the internal control of a service organization, including information security. In these reports, our entire ISMS and data processing agreement (DPA) are audited. These compliance reports are available to our customers and provide direct audit support for all companies using the Complete Control applications, and to their internal or external auditors.

The security organization led by the House of Controls CISO. In addition, House of Control has appointed a DPO (Data Privacy Officer), whose main responsibility is to ensure and strengthen our ability to comply with regulations for the processing of personal data. We carry out an annual audit program to ensure that the ISMS is performing and implemented in line with best practice.

Operations and security

House of Control uses ITIL and controls from the ISO 27000 framework to ensure effective and efficient processes. These most important processes are:

  • Business Continuity Management
  • Access Control Management
  • Change Management
  • Event Management
  • Request Management
  • Incident Management
  • Operations Management

Whistleblowing

Whistleblowing Channel