Home2022-04-07T23:21:22-04:00

The Current State

0%
Implicit Mandate
85%
Implicit Mandate

85% of consumers will not do business with a company if they have concerns about its security practices.

0%
Cognitive Bias
74%
Cognitive Bias

74% of US organizations consider complying with a regulatory mandate, such as SOX or PCI, as “very” effective or “extremely” effective at improving cybersecurity.

0%
Trust Deficit
9%
Trust Deficit

Only 9% of executives are able to accurately measure their value of trust. Yet, 85% of businesses cite trust as a necessary precondition for collaboration and innovation.

Our Mission

To quickly understand, prioritize and manage your cyber risks. Accelerating your organization to inspire confidence, innovate and drive growth.

Virtual CISO

On-demand access to a top-tier security leader with specialized technical knowledge and corporate governance experience. Get better guidance, quality and speed on every decision and deliverable.

vCISO Silver
The Strategic Plan

$1,999/mo.

Benefits
Includes strategic and tactical support with current and planned cyber risk initiatives. Quarterly call to review investments, progress, and issues.

Plan Details
8 Support Hours/mo.*
Quarterly Check-in Call
Product Discounts
30 Days Risk-Free Money-Back Guarantee




Select Plan

vCISO Gold
The Performance Plan

$4,999/mo.

Benefits
Everything in Silver plus complimentary enterprise risk assessment and strategic roadmap to recalibrate risks and the go-forward vision.

Plan Details
24 Support Hours/mo.*
Quarterly Check-in Call
Product Discounts
Annual Risk Assessment
Annual Strategic Roadmap
30 Days Risk-Free Money-Back Guarantee


Select Plan

vCISO Platinum
The Value Plan

$9,999/mo.

Benefits
Everything in Gold plus premium whitepapers, how-to checklists, invitation to network with peers and our exclusive best practice video series.

Plan Details
50 Support Hours/mo.*
Quarterly Check-in Call
Product Discounts
Annual Risk Assessment
Annual Strategic Roadmap
Premium Whitepapers
How-to Checklists and Guides
Knowledge Sharing Call with Peers
30 Days Risk-Free Money-Back Guarantee

Select Plan

Contact Us to Schedule a Complimentary 25 Minute Call

* Unused hours roll-over for a 12-month period.  Total Support Hours per Year: Silver – 96hrs, Gold – 288hrs, Platinum – 600hrs.

Business Accelerators

Technical Services

Framework Implementation

With a myriad of compliance frameworks spanning across seas to affect business in other countries, companies not only face intensifying pressures to navigate each regulatory environment but to do so in an increasingly complex threat background. Eliminate the guesswork!

ControlPoints can help you formulate and implement a streamlined compliance program pivotal to the business seamlessly fulfilling its customer demands while meeting its regulatory obligations and avoiding damaging attacks resulting in data breach, fines and reputational damage.

We take the time to understand your industry and organization to design a nimble, top-down, risk-based compliance program. Leveraging 20 years of IT security framework expertise combined with the latest audit techniques and tools employed by the Big Four international accounting firms, we developed our proprietary ControlPoints Express Matrix (CPEM) that quickly cuts through the complexity with a tailored set of agile controls that precisely satisfy any audit. CPEM drives value with integrated cyber resiliency controls honed with cutting-edge design strategies that make security a streamlined component of daily operations.

Whether its separation of duties controls in ERP, super user lockdown or vulnerability management, we help fortify IT with sustainable, recordable and repeatable processes while at the same time achieve congruence with relevant Acts, Laws and Regulations – quickly. We specialize in express implementation of the following:

Private

  • SOX 404

  • GDPR

  • PCI

  • ISO 27001

  • FFIEC

  • PII

  • SOC II

Government

  • FISMA

  • A-123

  • NIST RMF

  • FedRAMP

  • CMMC

  • IV&V

  • POA&M

Control Readiness

Successful organizations know that risk can come from every angle — upside, downside and outside — and can be hard to see, anticipate and respond to. With our help, they are embracing these risks, updating their risk functions and sharing risk intelligence to generate fresh value through aggressive innovation that gives them a competitive advantage.

We help organizations raise their trust coefficient by locating and remediating gap and process breakdowns from an independent, unbiased view. Our team employs a systematic, disciplined approach to identify key points of exposure, give practical recommendations grounded in real security value, and implement controls correctly the first time, every time. We can help you develop long-range and annual risk strategies and improve the performance of your supply chain.

In today’s world, every organization is digital by default. And, as many organizations have learned, it’s no longer a matter of if you’ll face a cyberattack, it’s a matter of when.

Orchestrators employ sophisticated methods of automation, misdirection and ambiguity against a backdrop of underinvestment, improvised strategy, complex and numerous security products, and lack of cyber talent. Every asset in your organization is at risk. Exposing the attacker requires defenses that identify each threat, even when it adopts the colors of its target environment.

We can help you protect your business by building a resilient cybersecurity foundation, detecting the cyber threats you are facing and responding to a breach incident. We recognize that cyber security is about risk management – not risk elimination. We assist business leaders deploy an optimal combination of strategy, technology and training to work in equilibrium to scale resiliency throughout the enterprise.

From security architecture-to-culture change and SOC tools-to-cloud management. No matter where you are on the cyber security journey, we can help you reach the destination: a place of confidence that you can operate without crippling disruptions from a cyber security event.

Our comprehensive strategy-to-execution approach looks at the whole of your network and takes into account how your users access and use data. We design an architecture that minimizes risks and maximizes technology investments. Together, we can help you deliver better outcomes and long-lasting results.

In the wake of the economic crises and scandals of the past few years, the market is demanding more accountability and transparency from companies in all aspects of their business. Organizations that value trust as a differentiator perform periodic audits to give assurance on their performance and viability. Audits are the fundamental building block of effective capital markets and high-quality audits enhance trust, confidence and facilitate economic growth.

ControlPoints’ auditors perform the valuable role of being a trusted intermediary between the providers of business information and the users of that information – investors, business partners and end-customers.

Our audit work provides quality, integrity, technical excellence, exceptional service and a broad understanding of financial, IT and operational factors. Our independent and objective view into your organization’s operations and that of your 3rd party vendors provide fresh perspective to pinpoint blind spots and reveal untapped opportunities.

We seek to challenge assumptions and unlock valuable insights based on a thorough understanding of your organization’s business and industry, powered by analytics-driven audit methodologies and approaches that instill confidence in the important decisions that management makes on behalf of the organization.

Strategy

In today’s complex environment — with a preponderance of data, volatile geopolitical events and a fluctuating global economy – setting and executing a strategy to optimize the value of an organization has never been more challenging.

In such a fast-paced world, C-suite and business leaders must truly be effective at driving value creation across their organization.

CxOs need to consider and take bold and transformative steps such as redefining their organization’s purpose, embarking on end-to-end digital transformations, pursuing and optimizing inorganic growth strategies, defining and implementing organic growth strategies, learning how to achieve disruptive innovations, understanding and acting upon changing customer and market dynamics, optimizing their supply chain and taking into consideration risk interconnectedness and the velocity with which risks can impact business operations.

The enhanced business insights our team brings help organizations see their business from a new perspective.

Technology Consulting

This is your disrupted world, and ours. Accelerating advances in technology and changes in business models are transforming the rules and risks of the game. A new energy and approach is needed, the old ways of doing business just won’t cut it anymore.

Technology can help you build better relationships with your customers, cut costs, drive growth and generate value, but it also has the potential to do the exact opposite. You need to invest in the right things at the right time; you must consider the wider implications of digital disruption, from AI to the Blockchain; you may well have to integrate breakthrough innovations with legacy infrastructure. Turn your technology vision into reality. We can support you at every step of your digital transformation journey, from strategy through execution and from vision to value. How we help you do that:

  • Architecture & Integration
  • Enterprise & Cloud Applications
  • Program Delivery Services
  • Quality Assurance

ControlPoints’ Technology Consultants can help you identify and solve the challenges that stand in the way of your growth and progress. We will work with you as colleagues, shoulder-to-shoulder, until we have delivered the results that matter to you.

What do you need to get done?

What Our Customers Say

ControlPoints’ pragmatic services bolstered our resiliency and risk management capabilities.

CIO, US Inter-American Foundation

ControlPoints demonstrated superlative contractor support to my IT Security team and the entire agency. I give them my highest recommendation.

CISO, US Small Business Administration

ControlPoints created our COBIT controls, performed a detailed audit with recommendations that fit precisely the business objectives and culture of our organization, and facilitated the interactions with our outside auditors. They did an outstanding job!

VP Information Systems, GeoVera Holdings Inc

ControlPoints’ work was visionary!

VP of Finance, Rosetta Stone

ControlPoints delivers quality results with a quick turnaround. They think outside the box to come up with creative solutions. They are an asset to any team.

Director Internal Audit, Fannie Mae

Perspectives

Build Trust with Your Customers to Transform Your Business

Lockdown Your Crown Jewels Resiliency, Today

Certifications

HUBZone ControlPoints

ControlPoints proudly operates and employs talented people from a Historically Underutilized Business Zone (HUBZone)

Houston MBE

Team ControlPoints enables the Mission of the City of Houston with unique capabilities in Cyber Defense

NYC MBE

ControlPoints enables the Mission of the City of New York with high quality Cyber Project Management

 

 

Privacy & Disclosure Policy

 

Effective Date: May 25, 2018

This policy explains what information we collect when you use ControlPoints’ site, services, mobile applications, products, and content (“Services”). It also has information about how we store, use, transfer, and delete that information. Our aim is not just to comply with privacy law. It’s to earn your trust.

Information We Collect & How We Use It

We obtain personal information about you if you choose to provide it — for example, to contact mailboxes or to register for certain services. In some cases, you will have previously provided your personal information to ControlPoints (if, for example, you are a former employee). If you choose to register or login to a ControlPoints web site using a third party single sign-in service that authenticates your identity and connects your social media login information (e.g., LinkedIn, Google, or Twitter) with ControlPoints, we will collect any information or content needed for the registration or log-in that you have permitted the social media provider to share with us, such as your name and email address. Other information we collect will depend on the privacy settings you have set with your social media provider, so please review the privacy statement or policy of the applicable service.

When you register or submit personal information to ControlPoints we will use this information in the manner outlined in this privacy statement. Your personal information is not used for other purposes, unless we obtain your permission, or unless otherwise required or permitted by law or professional standards. For example, if you register to a ControlPoints web site and provide information about your preferences we will use this information to personalize your user experience. Where you register or login using a third party single user sign-in we may also recognize you as the same user across any different devices you use and personalize your user experience across other ControlPoints sites you visit. If you send us a resume or curriculum vitae (CV) to apply online for a position with ControlPoints, we will use the information that you provide to match you with available ControlPoints job opportunities. In some cases where you have registered for certain services we will store your email address temporarily until we receive confirmation of the information you provided via an email (i.e. where we send an email to the email address provided as part of your registration to confirm a subscription request).

Legal Grounds We Have to Use Your Information

ControlPoints generally collects only the personal information necessary to fulfill your request. Where additional, optional information is sought, you will be notified of this at the point of collection. The law in the United States and Europe allows us to process personal information, so long as we have a ground under the law to do so. It also requires us to tell you what those grounds are. As a result, when we process your personal information, we will rely on one of the following processing conditions:

  • Performance of a contract: this is when the processing of your personal information is necessary in order to perform our obligations under a contract;
  • Legal obligation: this is when we are required to process your personal information in order to comply with a legal obligation, such as keeping records for tax purposes or providing information to a public body or law enforcement agency;
  • Legitimate interests: we will process information about you where it is in our legitimate interest in running a lawful business to do so in order to further that business, so long as it doesn’t outweigh your interests; or
  • Your consent: in some cases, we will ask you for specific permission to process some of your personal information, and we will only process your personal information in this way if you agree to us doing so. You may withdraw your consent at any time by contacting ControlPoints at [email protected].

Examples of the ‘legitimate interests’ referred to above are:

  • To offer information and/or services to individuals who visit our web site or offer information about employment opportunities.
  • To prevent fraud or criminal activity and to safeguard our IT systems.
  • To customize individuals’ online experience and improve the performance, usability and effectiveness of ControlPoints’ online presence.
  • To conduct, and to analyze, our marketing activities.
  • To meet our corporate and social responsibility obligations.
  • To exercise our fundamental rights in the EU under Articles 16 and 17 of the Charter of Fundamental Rights, including our freedom to conduct a business and right to property.

In some cases, the personal data that we collect will also include special categories of data, such as diversity related information (including data about racial and ethnic origin, political opinions, religious beliefs and other beliefs of a similar nature, trade union membership and data about sexual life and sexual orientation), or health data and data about alleged or proven criminal offences in each case where permitted by law.

Children

ControlPoints understands the importance of protecting children’s privacy, especially in an online environment. In particular, our sites are not intentionally designed for or directed at children under the age of 13. It is our policy never to knowingly collect or maintain information about anyone under the age of 13, except as part of an engagement to provide professional services.

Information Disclosure

ControlPoints won’t transfer information about you to third parties for the purpose of providing or facilitating third-party advertising to you. We won’t sell information about you. We may share your account information with third parties in some circumstances, including: (1) with your consent; (2) to a service provider or partner who meets our data protection standards; (3) with academic or non-profit researchers, with aggregation, anonymization, or pseudonomization; (4) when we have a good faith belief it is required by law, such as pursuant to a subpoena or other legal process; (5) when we have a good faith belief that doing so will help prevent imminent harm to someone. If we are going to share your information in response to legal process, we’ll give you notice so you can challenge it (for example by seeking court intervention), unless we’re prohibited by law or believe doing so may endanger others. We will object to requests for information about users of our services that we believe are improper.

Data Storage

ControlPoints uses third-party vendors and hosting partners, for hardware, software, networking, storage, and related technology we need to run ControlPoints. We maintain two types of logs: server logs and event logs. By using ControlPoints Services, you authorize ControlPoints to transfer, store, and use your information in the United States and any other country where we operate.

Third-Party Embeds

Some of the content that you see displayed on ControlPoints is not hosted by ControlPoints. These “embeds” are hosted by a third-party and embedded in ControlPoints. For example: YouTube or Vimeo videos, Amazon products, SoundCloud audio files, Twitter tweets, GitHub code, or Scribd documents that appear within a ControlPoints post. These files send data to the hosted site just as if you were visiting that site directly (for example, when you load a ControlPoints post page with a YouTube video embedded in it, YouTube receives data about your activity). ControlPoints does not control what data third parties collect in cases like this, or what they will do with it. So, third-party embeds on ControlPoints are not covered by this privacy policy. They are covered by the privacy policy of the third-party service. Some embeds may ask you for personal information, such as your email address, through a form. We do our best to keep bad actors off of ControlPoints. However, if you choose to submit your information to a third party this way, we don’t know what they may do with it. As explained above, their actions are not covered by this Privacy Policy. So, please be careful when you see embedded forms on ControlPoints asking for your email address or any other personal information. Make sure you understand who you are submitting your information to and what they say they plan to do with it. We suggest that you do not submit personal information to any third-party through an embedded form. If you embed a form that allows submission of personal information by users, you must provide near the embedded form a prominent link to an applicable Privacy Policy that clearly states how to you intend to use any information collected. Failure to do so may lead ControlPoints to disable the post or take other action to limit or disable your account.

Tracking & Cookies

We use browser cookies and similar technologies to recognize you when you return to our Services. We use them in various ways, for example to log you in, remember your preferences (such as default language), evaluate email effectiveness, allow our paywall and meter to function, and personalize content and other information. ControlPoints doesn’t track you across the Internet. We track only your interactions within the ControlPoints network (which encompasses ControlPoints.com and custom domains hosted by ControlPoints). Further information about managing cookies can be found in your browser’s help file or through sites such as www.allaboutcookies.org.

Some third-party services that we use to provide the ControlPoints Service, such as Google Analytics, may place their own cookies in your browser. This Privacy Policy covers use of cookies by ControlPoints only and not the use of cookies by third parties.

ControlPoints complies with the “Do Not Track” (“DNT”) standard recommended by the World Wide Web Consortium. For logged-out users browsing with DNT enabled, ControlPoints’s analytics will not receive data about you, but we will do some first-party tracking in order to customize content and provide data to third-party service providers that enable ControlPoints Services to work. When you use ControlPoints while logged-in to your account, we cannot comply with DNT.

Modifying or Deleting Your Personal Information

If you have a ControlPoints account, you can access, modify or export your personal information, or delete your account. To protect information from accidental or malicious destruction, we may maintain residual copies for a brief time period. But, if you delete your account, your information and content will be unrecoverable after that time. ControlPoints may preserve and maintain copies of your information when required to do so by law.

Data Security

We use encryption (HTTPS/TLS) to protect data transmitted to and from our site. However, no data transmission over the Internet is 100% secure, so we can’t guarantee security. You use the Service at your own risk, and you’re responsible for taking reasonable measures to secure your account.

Business Transfers

If we are involved in a merger, acquisition, bankruptcy, reorganization or sale of assets such that your information would be transferred or become subject to a different privacy policy, we’ll notify you in advance so you can opt out of any such new policy by deleting your account before transfer.

Email from ControlPoints

Sometimes we’ll send you emails about your account, service changes or new policies. You can’t opt out of this type of “transactional” email (unless you delete your account). But, you can opt out of non-administrative emails such as digests, newsletters, and activity notifications. When you interact with an email sent from ControlPoints (such as opening an email or clicking on a particular link in an email), we may receive information about that interaction. We won’t email you to ask for your password or other account information. If you receive such an email, please send it to us so we can investigate.

When you choose to opt in to materials on www.controlpoints.com or provide your email address for any reason, you are subject to receive promotional emails, educational emails, and content emails that include video material, blog material, and special offers or notices of upcoming live events and workshops hosted by ControlPoints. The email address that you provide is stored in our database for www.controlpoints.com so that we may track user behavior and tag your behavior in order to provide a better user experience based on items you have shown an interest in or have opted in for on the website. We may maintain separate email lists for different purposes. In order to end your email subscription to a particular list, you must follow the instructions on how to unsubscribe contained in every email correspondence that you receive from ControlPoints. Unsubscribing from one list will not automatically unsubscribe you from all email lists. We only send email marketing to individuals that have agreed, whether by opting in for materials on this website or through third party websites, to receive email marketing from ControlPoints or its affiliates and partners. Though we make every effort to preserve user privacy, we may be required to disclose personal information in some instances, such as: 1) when required by law wherein we have a good faith belief that such action is necessary to comply with a judicial proceeding, court order, and/or subpoena; 2) in the event that ControlPoints is sold or acquired; or 3) in the event that we believe that the Website is being, or has been, used in violation of our terms and conditions or to commit unlawful acts. Moreover, you hereby consent to the disclosure of any record or communication to any third party when ControlPoints, in its sole discretion, determines the disclosure to be appropriate including, without limitation, sharing your email address with other third parties for suppression purposes in compliance with the provisions of the CAN-SPAM Act of 2003, as amended from time-to-time. To prevent unauthorized access, maintain data accuracy and to ensure the appropriate use of information, we have put in place physical, electronic and managerial procedures to protect the information we collect online. We shall continue to take reasonable steps to provide effective data protection at all times, however, no security technology can provide invulnerability to information compromise. Therefore ControlPoints cannot, and does not, guarantee the security of any information that you transmit to us or to any third party affiliated with the Site. It is important for you to protect against unauthorized access to your password and to your computer. Be sure to sign off when finished using a shared computer.

Data Protection Statement for European Union Users

Description of Processing Activity

ControlPoints collects and stores personal information about its users to customize their reading experience and enable personalized distribution of content. It shares minimal data with its service providers.

Purposes of Processing

  • Provide, test, promote, and improve the services
  • Gather usage statistics of services
  • Provide customized reading experience
  • Publish and distribute user-generated content
  • Provide access to paid content
  • Pay authors in Partnership Program for certain content
  • Fight spam, fraud, and other abuse of services

Legal Bases

In order to provide the services, ControlPoints collects and stores personal data about its users on the legal basis of consent given when you create an account and agree to the Privacy Policy. ControlPoints also pursues its legitimate interests by collecting minimal data of logged out users to provide the services, as outlined above.

Where ControlPoints collects and stores personal data about non-users, it does so under performance of contract obligations with users who use the services to publish content on web sites hosted by ControlPoints. In such cases, users authoring such content containing personal data of third parties are responsible for that content. ControlPoints will consider related complaints in compliance with the General Data Protection Regulation’s rights of the data subject, as well as rights of expression and access to information.

Public Nature of Personal Data

Logged-in users may choose to interact publicly with the ControlPoints Services in the form of liking a post, highlighting parts of a post, following other user accounts, sharing links on connected social media accounts, or writing original posts. Where such personal data may reveal special category protected data, it is processed on the basis that it is manifestly made public by the user. Additional information on potential consequences of such processing can be found below. If you do not agree to this public usage, do not create an account or use these features of ControlPoints Services.

Categories of Personal Data Collected

Logged out users

  • Reading history
  • IP address
  • Browser information
  • DNT status

Logged in users:

  • Username
  • Display name
  • Bio
  • Avatar image
  • Email address (non-public)
  • Session activity (security)
  • Linked social media accounts (optional)
  • IP address
  • Browser information
  • Reading history (on ControlPoints network only)
  • Network interactions (recommends, follows, etc.)
  • Posts, responses, or series published by user

Members:

  • Billing information and history

Partner authors:

  • Bank account for payments
  • Business information, if applicable

Categories of Recipients

ControlPoints shares minimal personal data with third-party processors in order to provide the Services. These processors offer at least the same level of data protection as that set out in this statement. This includes the following categories of recipients:

  • Hosting, Storage, & Other Infrastructure
  • Security
  • Analytics
  • Communication & Support
  • Payment Processors

Search engines will index user profiles, public interactions, and any user-generated content. Users may also share links to your content on social media.

Payment Processors

ControlPoints provides Services in conjunction with several payment processors, including: Stripe, Paypal, Google Play, and Apple Pay, through which users may pay for ControlPoints memberships or receive payment based on participation in our Partner program. Those companies acting as payment processors may collect and store personal data related to your billing information and history in order to provide their services, and may collect and store personal data and business data to prevent fraud and other abuse. When you delete your ControlPoints account, ControlPoints deletes your personal data as outlined in this document. However, to delete your payment or billing information, you will need to do so with your payment provider, as ControlPoints only has minimal secure access to those records as needed to provide the services.

Embedded Content

ControlPoints posts may contain third-party embeds, which may in some cases collect and store personal data. The use of personal data by embedded content providers is not covered by this statement, but by the privacy policies of those sites or services.

Existence of Automated Decision-making

ControlPoints collects and stores personal data about its users to customize reading. This includes automated decision-making to promote content tailored to the preferences and interests indicated by the user, and to their browsing history and network interactions. ControlPoints also filters content for the purposes of fighting and preventing spam, fraud, and other forms of abuse.

Potential Consequences of Processing

By creating an account on ControlPoints, users may make certain personal data about themselves public and accessible to others on their profile and through network interactions. This may in some cases constitute special category protected data which is considered manifestly made public by the user. Due to the public nature of information posted to ControlPoints, it may be possible for third parties to derive identifying personal data from posts, whether by reading, inference, supplemental research, or automated extraction and analysis. Users are free to use their real name and information, or a pseudonym of their choosing, for their account. Users may also choose to use the service without posting data or engaging in network interactions. However, if you do not agree with and accept the risks of such usage, you may not use the services.

Cross-border Transfers

ControlPoints is hosted in the United States. By using ControlPoints Services, you authorize ControlPoints to transfer, store, and use your information in the United States and any other country where we operate. Where your data is disclosed to our processors, it is subject by contract to at least the same level of data protection as that set out in this statement.

Retention

ControlPoints retains personal data associated with your account for the lifetime of your account. If you would like to delete your personal information, you can delete your account at any time. Deleted account profile pages will yield an error 404 “file not found” page, immediately upon initiating deletion, and will become unrecoverable in our system after a period of fourteen days. It may take several additional days for your personal data to be de-indexed from search engines, depending on those search engines’ practices, over which ControlPoints may have limited or no control. To delete your payment or billing information, you will need to do so with your payment provider, as ControlPoints only has minimal secure access to those records as needed to provide the services.

Your Rights

If ControlPoints processes personal information about you, you have the following rights:

  1. If you sign up for a ControlPoints account, you may correct information associated with your account after logging in.
  2. You may withdraw consent by deleting your account at any time, which will erase your personal information completely within 14 days (except to the extent ControlPoints is prevented by law from deleting your information).
  3. You may object at any time to the use of your personal data by contacting [email protected]. If your complaint relates to alleged misuse of your personal data by a third party, it may result in suspension of that post or account in keeping with relevant law, public interest, our contractual obligations, and the rights of expression and access to information of others.
  4. You may at any time lodge a complaint regarding the processing of your personal data by ControlPoints with the Supervisory Authority of your EU member state.

Data Security and Integrity

ControlPoints has reasonable security policies and procedures in place to protect personal information from unauthorized loss, misuse, alteration, or destruction. Despite ControlPoints’ best efforts, however, security cannot be absolutely guaranteed against all threats. To the best of our ability, access to your personal information is limited to those who have a need to know. Those individuals who have access to the data are required to maintain the confidentiality of such information.

Changes to this Policy

ControlPoints may modify this Privacy Statement from time to time to reflect our current privacy practices. When we make changes to this statement, we will revise the “updated” date at the top of this page. Any changes to the processing of personal information as described in this Privacy Statement affecting you will be communicated to you through an appropriate channel, depending on how we normally communicate with you.

Policy Questions

ControlPoints is committed to protecting the online privacy of your personal information. If you have questions or comments about our administration of your personal information, please contact us at [email protected].

ControlPoints
www.controlpoints.com
Houston, Texas
United States of America

 

 

Legal

 

ControlPoints is a US entity that provides Services and Products. The information contained and accessed on this site (the “Site”) is provided by ControlPoints for general guidance and is intended to offer the user general information of interest. The information provided is not intended to replace or serve as substitute for any governance, risk, compliance, audit, cyber, advisory, or other professional advice, consultation or service. You should consult with a ControlPoints professional to obtain such services.

The application of laws and regulations may vary depending on specific facts or circumstances. Due to the nature of electronic communication processes, ControlPoints does not guarantee or warrant the Site will be uninterrupted, without delay, error-free, omission-free, or free of viruses. Therefore, the information is provided ‘as is’ without warranties of any kind, express or implied, including accuracy, timeliness and completeness. In no event shall ControlPoints, or any of its respective partners, principals, agents or employees, be liable for any direct, indirect, incidental, special, exemplary, punitive, consequential or other damages (including but not limited to, liability for loss of use, data or profits), without regard to the form of any action, including but not limited to, contract, negligence or other tortious actions, arising out of or in connection with the Site, any content on or accessed by use of the Site, or any copying, display or other use.

As content on the Site (including any concepts, ideas, methods, procedures, processes, know-how, techniques, programs, publications, models, products templates, technologies, software, designs, art work, graphics and information on or described in the Site) may be copyrighted, proprietary and subject to intellectual property or other rights (which rights are owned by ControlPoints), any unauthorized use of any materials on the Site may violate copyright, trademark and other laws or applicable intellectual property or other rights. Users are encouraged to print or distribute content (e.g., via link on a social network) provided that:

  • The use of the content is personal and noncommercial.
  • All copyright, trademark and similar notices are retained.
  • The content is not used as or implies that ControlPoints is providing a testimonial or endorsement of an organization, its products or services.

Materials on the Site may not be modified, reproduced, publicly displayed, performed, distributed or used for any public or commercial purposes without explicit written permission from the appropriate content or material provider (including third-party links). ControlPoints bears no risk, responsibility or liability in the event that a user does not obtain such explicit written permission as advised by ControlPoints.

The ControlPoints name and logo are registered trademarks or trademarks of ControlPoints and other product and service names mentioned on the Site may be the registered trademarks or trademarks of ControlPoints. Use of these marks requires express prior permission from, and a license agreement with, ControlPoints. Unauthorized use of these and any other of ControlPoints’ portfolio of trademarks will be prohibited to the fullest extent of the law. To request this written approval, contact the webmaster or use the “Contact us” feature.

Third-party links are provided as a convenience to our users. ControlPoints does not control and is not responsible for any of these sites or their content. ControlPoints vigorously protects its reputation and trademarks and ControlPoints reserves the right to request removal of any link to our web site.

The following web link activities are explicitly prohibited by ControlPoints and may present trademark and copyright infringement issues:

  • links that involve unauthorized use of our logo
  • a form of link that disguises the URL and/or bypasses the homepage or pages containing the entity copyright, legal disclaimer and online policy statement.