Security and trust center
House of Control delivers business critical services to its customers.These trusted services are delivered in line with regulatory and best practice requirements.
Privacy policy
Data processor agreement
Complete Control SLA
Operational status
Subproviders, sub-processors and data locations
Software as a service
House of Control’s services are delivered as Software as a Service (SaaS). Our trusted platform is built by embedding security throughout the software development and delivery life cycle. We follow rigorous operational security practices such as penetration testing, vulnerability assessments, and strong internal access controls.
Making our services secure is a key concern for us. House of Control has many customers with high security requirements in regulated industries, and as a supplier we are committed to complying with these requirements. The requirements we implement in our SaaS solution will therefore be available to all our customers.
Informations security management system
House of Control organizes its privacy and security work in an Information Security Management System (ISMS). When processing personal data for customers' users, House of Control will act as a data processor in accordance with the European Data Protection Act (GDPR). House of Control's ISMS describes systems, policies, processes, routines and measures to ensure privacy, confidentiality, integrity and availability of our customers' data.
Our compliance reporting consists of ISAE 3000 and ISAE 3402 Type I attestation reports. ISAE (International Standard for Assurance Engagements) covers the internal control of a service organization, including information security. In these reports, our entire ISMS and data processing agreement (DPA) are audited. These compliance reports are available to our customers and provide direct audit support for all companies using the Complete Control applications, and to their internal or external auditors.
The security organization led by the House of Controls CISO. In addition, House of Control has appointed a DPO (Data Privacy Officer), whose main responsibility is to ensure and strengthen our ability to comply with regulations for the processing of personal data. We carry out an annual audit program to ensure that the ISMS is performing and implemented in line with best practice.
Operations and security
House of Control uses ITIL and controls from the ISO 27000 framework to ensure effective and efficient processes. These most important processes are:
- Business Continuity Management
- Access Control Management
- Change Management
- Event Management
- Request Management
- Incident Management
- Operations Management