Edfinity's IT and security policies comply with the standards for security, governance, and compliance outlined in the HECVAT framework. The documents below are available to institutions adopting Edfinity as part of our HECVAT.
If you need access to these documents, or have any questions, please contact us or email us at support@edfinity.com.
- Completed HECVAT questionnaire
- Software development lifecycle (SDLC) documentation
- Patch Management Process
- Threat model
- Business continuity plan
- Disaster recovery plan
- Incident response plan
- Firewall change request policy
- Workstation security policy
- Employee onboarding policy
- Employee offboarding policy
- PCI Compliance Self-Assessment Questionnaire A
- Software Supply Chain Management Process
- Accessibility Report