Technical

General

• 7.1 Does TWC perform vulnerability scans, penetration tests, and/or patch management?
• 7.2 What technology is used by CRS/FATCA One?
• 7.3 Does TWC have data loss prevention?
• 7.4 What action plan does TWC have in place in the event of a detected Cybersecurity incident?
• 7.5 Does the system support the use of 2FA and Active Directory?
• 7.6 Can I sign my XML files using CRS/FATCA One?
• 7.7 Where are the servers located?
• 7.8 Can I change from cloud to installed?

See less ▼

Cloud

• 8.1 Is Data encrypted?
• 8.2 Can data be securely deleted?
• 8.3 Does CRS/FATCA One support and use the HTTPS protocol?
• 8.4 Do I need my IDES account for FATCA Submissions?
• 8.5 I received an email that the IRS Public certificate is expiring. What should I do?

Installed

• 9.1 What are the hardware and software requirements for your installation?
• 9.2 Do you have data loss prevention?
• 9.3 Is it possible to implement on-demand and scheduled administrative access controls, such as PAM (Privileged Access Management)?
• 9.4 Do you offer Integration with the client's SOC for incident response and recovery using Logs?
• 9.5 What is the availability to carry out audits (Right to Audit)? What is the SLA for addressing compliance issues?
• 9.6 How can the solution's security logs be integrated into a SIEM (Security Information and Event Manager) or centralized Log Server?
• 9.7 In the case of data encryption and/or master key protection, can the solution be integrated with an HSM (Hardware Security Module)?
• 9.8 Are data repositories protected against manipulation/modification including initialization, stopping or pausing of audit logs?
• 9.9 Do you have policies and matrices in place for access control and authentication of applications and equipment?
• 9.10 Do you have network segmentation and perimeter security equipment?
• 9.11 Does the application, being web-based, have a WAF as perimeter security and is it configured according to the TOP 10 OWASP?
• 9.12 Do you have Antivirus, antimalware, DLP systems installed and configured on your servers?
• 9.13 Can user roles and privileges be configured to fit the institution's needs?
• 9.14 I am experiencing issues with the IRS dashboard. What should I do?

See less ▼