ProcessMiner Trust Center

ProcessMiner enhances efficiency and productivity for continuous manufacturers by using AI and proprietary algorithms to optimize production processes. This leads to better quality, higher productivity, and reduced waste and energy use, supporting sustainability goals. We believe transparency, secure operations, and clear accountability are essential to building trust with our customers and partners.

info@processminer.com

Compliance

Controls

Remote access tool

Access restricted to modify infrastructure

Access control procedures

Access review of infrastructure

Physical access control systems

Encryption of data

Database backups

Data disposal policy

Privacy and confidentiality governance charter

Backup and recovery policy

Vulnerability scanning

Source code tool

Web application firewall

Sample code changes

Outsourced Development Management

SSL/TLS certificates for infrastructure

Intrusion detection tool

Infrastructure baseline hardening policy

Network diagram

Monitoring, measurement, analysis and evaluation

Alerts and remediation

Breach notification communication

Security incident list

Whistleblower policy

Log management tool

ePHI risk assessment report

Vendor management program

Vendor onboarding

Vendor termination

Vendor list

New employee and contractor agreements

List of newly hired employees & contractors

Employee handbook

HRS-7

Existing employee and contractor agreements

Multi-availability zones

Asset register maintaining

Risk and Governance Executive Committee meeting minutes

Risk management program

Information security policies and procedures

Key management services used

Mobile device management tool

CRY-3

CRY-2

FAQs

All systems are patched and updated on a documented, regular, and timely schedule using the Common Vulnerability Scoring System (CVSS) to aid in setting patching guidelines. Critical security vulnerabilities must be patched as soon as possible regardless of CVSS score.

Our organization actively manages vendor risks through a structured approach that includes maintaining a critical third-party vendor inventory and conducting risk assessments before initiating third-party work. These assessments are repeated annually to identify any gaps between third-party security controls and our information security standards.

Employees undergo mandatory security awareness training at least annually, and records of such training are maintained.