Summary
This document is a guide detailing the Information Security Program implemented by AssetMark. It outlines the security controls established to protect data integrity and manage risks associated with technology assets. The program includes governance and risk management, training and awareness initiatives, vendor management practices, security architecture, and operational security measures. Specific features of the program are highlighted, such as the incident response plan, business continuity planning, and disaster recovery strategies. The document describes the importance of regular risk assessments and employee training to ensure awareness of security threats. Additionally, it covers the physical and software security measures in place, including access controls, data encryption, and email protection protocols. The guide emphasizes the need for compliance with security policies and the roles of various committees in overseeing security-related risks, ensuring a comprehensive approach to information security.
