Security

Touchplan implements a comprehensive information security program to ensure that our information systems, software, and data are securely maintained and aligned with all applicable laws, regulations, information security best practices, and industry standards. 

Touchplan maintains the following certifications:

ISO 27001:2022

Touchplan is certified annually by third-party audit against ISO 27001 information security standards. 

SOC 2 Type 2

Touchplan is certified annually by third-party audit against SOC 2 Type 2 information security standards. 

GDPR

Touchplan maintains compliance with the General Data Protection Regulation (GDPR) and other privacy laws, regulations, and requirements.

Security Practices:

Touchplan employs a layered information security approach to ensure threats are mitigated at multiple control points and the confidentiality, integrity, and availability of our systems and data are consistently and appropriately protected. 

Touchplan’s security risk management strategy, expectations, and policy are established, communicated, and monitored. 

Touchplan implements security practices to identify and detect threats, risks, and vulnerabilities to our systems. Security processes include: 

  • Internal and external security audit
  • Risk assessment (internal and third-party)
  • Security information and event management (SIEM) 
  • Penetration testing 
  • Continuous monitoring and event analysis 
  • Vulnerability scanning 
  • Static and dynamic code scanning

Touchplan implements security safeguards to ensure our systems and data are protected from risks, vulnerabilities, and threats. Security processes include: 

  • Secure identity management and authentication 
  • Role-based access controls
  • User information security awareness training 
  • Data encryption (at rest and in transit)
  • Data loss prevention mechanisms 
  • Secure system configuration
  • Secure software development processes and procedures 
  • Endpoint monitoring and malware protection 
  • Firewall and conditional access policies

Touchplan implements response and recovery practices to ensure service continuity, system and data availability, and timely response to threats and incidents. Security processes include: 

  • Incident Response Plan 
  • Disaster Recovery and Business Continuity Plan 
  • Annual response and recovery plan testing
  • Secure system and data backup 
  • Alert and event monitoring, analysis, and response processes and playbooks