Aptible PaaS logoDocs
Search
⌘K
Product
Product DemoAppsDatabasesPlatformSecurity & Compliance
PricingCompany
Install CLI
Log In
Getting Started
Introduction to Aptible
Deploy a starter template
Deploy your custom code
Core Concepts
Apps
Managed Databases
Architecture
Scaling
Observability
Security & Compliance
Integrations
Billing & Payments
Reference
Aptible CLI
Dashboard
Terraform
Aptible Metadata Variables
Interface Feature Availability Matrix
Reliability Division of Responsibilities
Glossary
How-to Guides
App Guides
Database Guides
Observability Guides
Platform Guides
How to achieve HIPAA compliance on Aptible
How to create and deprovison dedicated stacks
How to create environments
How to delete environments
How to deprovision resources
How to handle vulnerabilities found in security scans
How to migrate environments
How to navigate security questionnaires and audits
How to restore resources
How to upgrade or downgrade my plan
How to set up Single Sign On (SSO)
Best Practices Guide
Advanced Best Practices Guide
How to navigate HITRUST Certification
Minimize Downtime Caused by AWS Outages
How to cancel my Aptible Account
How to reset my Aptible 2FA
Troubleshooting
Aptible Support
Common Errors & Issues
Feedback
Roadmap
Give feedback

How to navigate security questionnaires and audits

Learn how to approach responding to security questionnaires and audits on Aptible

Overview

Aptible streamlines the process of addressing security questionnaires and audits with its pre-configured Security & Compliance features. This guide will help you effectively showcase your security and compliance status for Aptible resources.

01: Define the scope

Before diving into the response process, it's crucial to clarify the scope of your assessment. Determine between controls within the scope of Aptible (e.g., infrastructure implementation) and those that fall outside of the scope (e.g., employee training on compliance policies).

For HITRUST Audits, Aptible provides the option of HITRUST Inheritance, which is a valuable resource for demonstrating compliance within the defined scope. Refer to How to Request HITRUST Inheritance from Aptible.

02: Gather resources

To ensure that you are well-prepared to answer questions and meet requirements, collect the most pertinent resources:

  • For inquiries or requirements related to your unique setup (e.g., implementing Multi-Factor Authentication or redundancy configurations), refer to your Security & Compliance Dashboard. The Security and Compliance Dashboard provides an easy-to-consume view of all the HITRUST controls that are fully enforced and managed on your behalf. A printable report is available to share as needed.
  • For inquiries or requirements regarding Aptible's compliance (e.g., HITRUST/SOC 2 reports) or infrastructure setup (e.g., penetration testing and host hardening), refer to our comprehensive trust.aptible.com page. This includes a FAQ of security questions.

03: Contact Support as needed

Should you encounter any obstacles or require further assistance during this process:

  • Don't hesitate to reach out to Aptible Support for guidance.
  • If you are on the Enterprise Plan, you have the option to request Aptible Support's assistance in completing an annual report when needed.

O4: Show off your compliance (optional)

Add a Secured by Aptible badge and link to the Secured by Aptible page to show all the security & compliance controls implemented:

How to navigate security questionnaires and audits
Aptible logo
Product
Resources
Support
Company
548 Market St #75826 San Francisco, CA 94104
© 2024. All rights reserved. Privacy Policy