Information Security and Business Continuity Planning for Archer SaaS Offering

This document is a technical report detailing the information security and business continuity planning measures for Archer's SaaS offerings, specifically Archer Engage and Archer Insight. It outlines various organizational security measures, including entrance control, admission control, access control, and separation control to prevent unauthorized access to data processing systems. The report details measures to ensure the integrity of processing, such as transmission control and input control, to protect data during electronic transmission and handling. Additionally, it describes security, availability, and resilience measures, including subcontractor management, data protection measures, and incident response capabilities. The document emphasizes adherence to industry standards for data protection and outlines the responsibilities of both Archer and the customer regarding security incidents and breach notifications. Furthermore, it includes definitions of key terms related to security measures and describes the process for independent control attestation and testing to ensure compliance with security standards.