Splnit.eu

splnit.eu/trust/splnit

Back
Managed with Splnit.eu

Trust Center / Frameworks / ISO 27001

FRAMEWORK STATUS

ISO 27001

ISO · ISO/IEC 27001:2022 · effective October 2022

IN PROGRESS

available evidencein progressnot applicable

Automated evidence checks configuredControls are publicly summarized by category

CONTROL CATEGORIES

Control categories

This view is intentionally aggregated. The public detail shows category status, not individual control identifiers or evidence files.

Identity and access management

MFA, conditional access, privileged roles, and guest access

available internal evidence

in progress

Cryptography and data protection

Data encryption, key management, data classification, and secure sharing

available internal evidence

in progress

Logging and monitoring

Logging, monitoring, anomaly alerts, and event traceability

available internal evidence

in progress

Backup and recovery

Backups, recovery, business continuity, and recovery testing

available internal evidence

in progress

Vulnerability management

Patch management, vulnerability scanning, remediation, and prioritization

available internal evidence

in progress

Supply chain security

Supplier risk, contractual requirements, questionnaires, and ongoing review

available internal evidence

in progress

DOCUMENTS

Related documents

Locked items are available on request. Public documents can be viewed directly without additional access.

Security Whitepaper

Current early-access security posture, hosting, access, and incident-response summary.

View

Sub-processor list

Main sub-processors and processing context maintained in the public DPA page.

View

Terms of Service

Public service terms for Splnit.eu.

View

REGULATION CONTEXT

About this regulation

Regulator

ISO

Czech law

ISO/IEC 27001:2022

Effective date

October 2022

Maximum penalty

No statutory fine

Need more information or document access?

Request documents or send a security question to the team.

Request access to documentsContact security team

Why don't we show individual controls?

Details of individual controls, control IDs, evidence files, test results, and audit timing could give attackers information about configuration and weak points. Public pages show only category-level aggregate data. More detailed access requires an NDA request.

Vendor risk assessment

Procurement or security teams can request more detailed answers about Splnit.eu.

privacy@splnit.eu

Usually answered within 2 business days

Responsible disclosure

Send security findings and vulnerabilities through the responsible disclosure channel.

security@splnit.eu

PGP key on request · first response within 24 hours

Privacy contact

Send privacy, DPA, and sub-processor questions through the privacy channel.

privacy@splnit.eu

DPA and privacy questions · usually answered within 2 business days

Latest internal evidence · next internal review later

← Back to Trust CenterSplnit.eu homestatus pagePrivacyTerms