Training All People | Trust Center
TAP Trust Center
TAP prioritizes your data's confidentiality, integrity, and availability. Our Trust Center offers insights into our data management, security measures, and compliance.
See Monitoring

Monitoring

Continuously monitored by Secureframe

Subprocessors

Amazon Web Services

CockroachDB

Veracity LRS

Sentry

Segment

Amplitude

Google Analytics

HubSpot

Unity Gaming Services

Better Stack

PropelAuth

Powered by

Monitoring

Change Management

Software Change Testing
Software changes are tested prior to being deployed into production.
Secure Development Policy
A Secure Development Policy defines the requirements for secure software and system development and maintenance.

Availability

Testing the Business Continuity and Disaster Recovery Plan
The Business Continuity and Disaster Recovery Plan is periodically tested via tabletop exercises or equivalents. When necessary, Management makes changes to the Business Continuity and Disaster Recovery Plan based on the test results.
Business Continuity and Disaster Recovery Policy
Business Continuity and Disaster Recovery Policy governs required processes for restoring the service or supporting infrastructure after suffering a disaster or disruption.

Organizational Management

Information Security Program Review
Management is responsible for the design, implementation, and management of the organization’s security policies and procedures. The policies and procedures are reviewed by management at least annually.
Information Security Policy
An Information Security Policy establishes the security requirements for maintaining the security, confidentiality, integrity, and availability of applications, systems, infrastructure, and data.
Internal Control Monitoring
A continuous monitoring solution monitors internal controls used in the achievement of service commitments and system requirements.

Incident Response

Incident Response Plan Testing
The Incident Response Plan is periodically tested via tabletop exercises or equivalents. When necessary, Management makes changes to the Incident Response Plan based on the test results.

Risk Assessment

Risk Assessment and Treatment Policy
A Risk Assessment and Treatment Policy governs the process for conducting risk assessments to account for threats, vulnerabilities, likelihood, and impact with respect to assets, team members, customers, vendors, suppliers, and partners. Risk tolerance and strategies are also defined in the policy.
Vendor Risk Assessment
New vendors are assessed in accordance with the Vendor Risk Management Policy prior to engaging with the vendor. Reassessment occurs at least annually.
Risk Register
A risk register is maintained, which records the risk mitigation strategies for identified risks, and the development or modification of controls consistent with the risk mitigation strategy.

Access Security

Removal of Access
Upon termination or when internal personnel no longer require access, system access is removed, as applicable.

Communications

Privacy Policy
A Privacy Policy to both external users and internal personnel. This policy details the company's privacy commitments.