Security / Compliance / Responsible AI

This section includes the subset of the corporate and compliance related material that the RunWhen team has chosen to make public.

Contents

• Overview — This page; introduction and contact.
• Security Model Overview — Security architecture, trust boundary, data classification, authentication, encryption.
• Data Security Framework — Data types, enterprise configuration, automation output handling.
• Data Security and Privacy — Privacy approach, data we handle, data deletion, compliance.
• Secure-By-Design Principles — Encryption, least privilege, no long-lived credentials, audit logging.
• Compliance — Compliance posture, monitoring, and audits.
• Responsible AI — How RunWhen uses AI responsibly and how you can configure and govern it.
• Security Contact — Report security concerns or bugs.
• Security Incident Response — Data incident definition, breach types, communications, disclosure.

Policies and Procedures

• Annual Security Policy Review
• Business Continuity and Operational Resilience
• Change Management Policy
• Code of Conduct Policy
• Cryptographic Key Policy
• Data Loss Prevention
• End User Accounts and Device Policy
• Logging Controls Summary
• Risk Assessment
• Segregation of Duties Policy
• Software Patching and Update Management Policy
• Software Testing Data Policy
• Threat Intelligence Process

If your organization requires materials you do not see addressed here, please inquire at security-and-compliance@runwhen.com.