The AET | Subscribe
 
  Data Privacy & Other AET Policies  
     
 
AET Policies      

Acceptable Use Policy

This Acceptable Use Policy defines standards for appropriate and secure use of The AET’s hardware and electronic systems including storage media, communication tools and internet access. From time to time, The AET may update this policy and implement different levels of security controls for different information assets, based on risk and other considerations. This policy is guided by security requirements specific to The AET including applicable laws and regulations and aligns with COPPA and FERPA compliance.

Access Control and Termination Policy

This Access Control and Termination Policy defines requirements for access and removal of access to The AET data, systems, facilities, and networks. From time to time, The AET may update this policy and implement different levels of security controls for different information assets, based on risk and other considerations. This policy is guided by security requirements specific to The AET including applicable laws and regulations.

Business Continuity and Disaster Recovery Plan

This Business Continuity and Disaster Recovery Plan guides The AET in the event of a significant business disaster or other disruption to normal service. The AET must respond to business disasters and disruption by safeguarding employees’ lives and company assets, making a financial and operational assessment, securing data, and quickly recovering operations.

Change Management Policy

This Change Management Policy defines how changes to applications, systems, services, and infrastructure are planned and implemented. The goal of change management is to increase awareness and understanding of proposed changes across The AET and ensure that all changes are made in a thoughtful way that minimize negative impact to services and customers. 

Code of Conduct

This Code of Conduct outlines The AET's expectations measured against the highest possible standards of ethical business conduct. Committing to the highest standards helps The AET hire great people, build great products, and attract loyal customers. 

Configuration and Asset Management Policy

This Configuration and Asset Management Policy provides procedures supporting effective organizational asset management, specifically focused on electronic devices within the organization and baseline configurations for The AET assets and systems. 

Data Classification Policy

This Data Classification Policy provides the basis for protecting the confidentiality of data at The AET by establishing a data classification system. From time to time, The AET may update this policy and implement different levels of security controls for different information assets, based on risk and other considerations. This policy is guided by security requirements specific to The AET including applicable laws and regulations.

Data Retention and Disposal Policy

This Data Retention and Disposal Policy addresses how a customer's data is retained and disposed of and to ensure this is carried out in a consistent manner. From time to time, The AET may update this policy. This policy is guided by security requirements specific to The AET including compliance with applicable laws and regulations.

Encryption and Key Management Policy

This Encryption and Key Management Policy provides guidance on the types of devices and media that need to be encrypted, when encryption must be used, the minimum standards of the software used for encryption, and the requirements for generating and managing keys at The AET. Following documented policy will limit mistakes in selecting keys, implementing the encryption/decryption process, and managing keys and other secrets which are common causes of data exposure and aligns with COPPA and FERPA compliance.

Information Security Policy

This Information Security Policy addresses the information security policy topics and requirements which maintain the security, confidentiality, integrity, and availability of The AET applications, systems, infrastructure, and data. The topics and requirements called out in this policy should be continuously improved upon to maintain a secure information security posture. From time to time, The AET may update this policy and implement different levels of security controls for different information assets, based on risk and other considerations. This policy is guided by security requirements specific to The AET including compliance with applicable laws and regulation and aligns with COPPA and FERPA compliance.

Internal Control Policy

This Internal Control Policy guides The AET regarding the maintenance of an internal control system in order to safeguard the The AET's assets against loss, promote operational efficiency, and encourage adherence to prescribed managerial policies. 

Network Security Policy

The purpose of this document is to define basic rules and requirements for network security and ensure the protection of information within and across networks and supporting information processing facilities.

Performance Review Policy

The performance evaluation process provides a means for discussing, planning and reviewing the performance of each team member. This provides both the employee and the department manager with the opportunity to discuss job tasks, identify and correct weaknesses, encourage and recognize strengths, and discuss methods for improving performance. 

Physical Security Policy

The Physical Security Policy specifies the requirements for physically protecting assets and their data via physical controls and safeguards. Physical security is the first line of defense in information security, and without physical protections, virtual protections offer minimal security for assets and data. The AET maintains reasonable steps to ensure that its facilities, information systems, and data are accessed only by authorized personnel or authorized third party visitors to prevent unauthorized access, damage, theft, and interference. All physical security requirements are applicable to both remote and in-office work. Key aspects of physical security include: perimeter and border security, entry controls, visitor management, restricted areas, equipment protection and maintenance, awareness and training, and risk management.

Risk Assessment and Treatment Policy

This Risk Assessment Policy guides The AET in performing risk assessments to account for threats, vulnerabilities, likelihood, and impact to The AET assets, team members, customers, vendors, suppliers, and partners based upon the The AET services considering security, availability, integrity, and confidentiality needs.

Secure Development Policy

The purpose of this document is to define basic rules for secure development of software and systems. 

Security Incident Response Plan

The Security Incident Response Plan provides a systematic incident response process for all Information Security Incident(s) (defined below) that affect any of The AET's information technology systems, network, or data, including The AET data held or services provided by third-party vendors or other service providers. From time to time, The AET may update this policy and implement different levels of security controls for different information assets, based on risk and other considerations. 

Vendor Management Policy

This Vendor Management Policy guides The AET in the execution, management, and termination of vendor and other third party agreements. From time to time, The AET may update this policy and implement different levels of security controls for different information assets, based on risk and other considerations. This policy is guided by security requirements specific to The AET including applicable laws and regulations.

Vulnerability and Patch Management Policy

This Vulnerability Management Policy defines an approach for vulnerability management to reduce system risks and integrate with patch management. From time to time, The AET may update this policy and implement different levels of security controls for different information assets, based on risk and other considerations. This policy is guided by security requirements specific to The AET including applicable laws and regulations.



   
 
 
 
         
Get in Touch
Question? We're here to help!



 
 
Sign up for our email updates
Stay up-to-date with our Tuesday Tips messages, product updates, training opportunities, and more!

   
  Follow The AET
We're on social media!

 
 
 
Copyright © 2024 The Agricultural Experience Tracker. All Rights Reserved.
Terms of Service | Privacy Policy