Duffel
https://duffel.com/
Last updated
https://duffel.com/
Last updated
Duffel is focused on democratising the travel industry through the use of easy-to-use APIs. They build infrastructure that underpins the travel industry in an effort to make it accessible for anyone who wishes to sell travel.
| Question | Answer |
|---|---|
Does the supplier hold ISO27001, or other externally validated certificate that is in line with or exceeds ISO27001?
No
Does the supplier encrypt personal data at rest and in transit?
Yes
Does the supplier adhere to the principle of least privileged and have access control processes in place?
Yes
Does the supplier have processes in place to address risk management?
Yes
Does the supplier train and engage their employees to become cyber aware?
Yes
Does the supplier have a process to manage assets throughout their lifecycle, including security and destruction?
Yes
Does the supplier have a process to manage disaster recovery and the backups of critical systems?
Yes
Does the supplier have a processes in place to identify and remediate vulnerabilities such as penetration testing or vulnerability scanning?
Yes
Does the supplier have logging and monitoring in place to identify incidents with their assets and data?
Yes
Does the supplier have an incident management process in place?
Yes
Does the supplier have process in place to protect and manage their supply chain?
Yes
Are there contracts that cover security requirements, data protection requirements and confidentiality?
Yes
Does the supplier have a quality management system in place?
No