XGRC CYBER SECURITY
XGRC Software®’s cloud-based platform is designed with security and privacy as top priorities.
The XGRC® platform is designed to be secure, resilient, and compliant, validated by our ISO 27001:2022 certification.
At Strategix Application Solutions, data security is our top priority. As the OEM of the XGRC® platform, we ensure that our solution not only meets regulatory standards but also proactively addresses emerging threats. With features like secure data storage, encryption, and compliance monitoring, we provide comprehensive protection, allowing businesses to operate confidently and focus on growth.
ISO 27001:2022 certification
Our ISO 27001:2022 certification demonstrates our commitment to implementing comprehensive security controls, continuously improving our Information Security Management System, and ensuring compliance with global standards across all aspects of the XGRC® platform, from design to support, to safeguard your data now and in the future.
Network security and system monitoring
Our network security framework combines real-time monitoring, AI-driven vulnerability assessments, SIEM and SOAR tools, 24/7 SOC oversight, and adherence to NIST and OWASP standards to ensure continuous protection, rapid incident response, and proactive defense against evolving cyber threats.
Data security and privacy controls
We ensure GDPR and POPIA compliance, using 256-bit Rijndael encryption, secure Microsoft Azure storage, and customer-specific keys to protect your data throughout its lifecycle. When our partnership ends, we securely destroy all data and provide a Data Destruction Certificate.
Enterprise architecture
The XGRC® platform utilizes Microsoft Azure’s cloud infrastructure along with services like Cloudflare DNS, Azure Load Balancer, Azure Managed SQL Instance, Azure Active Directory, and HakWare Archangel to provide scalable, secure, and compliant solutions that ensure high availability, robust performance, and continuous monitoring for regulatory compliance in the financial industry.
Incident response and disaster recovery
Our Incident Response Team follows documented procedures within our ISMS to swiftly address potential threats, with clearly defined incident classification and response times, supported by daily AI-driven vulnerability assessments and a structured response plan that includes identification, containment, eradication, recovery, and lessons learned.
Our comprehensive disaster recovery plan features daily backups, data replication, and rigorous testing to achieve a 1-hour Recovery Point Objective (RPO) and a 4-hour Recovery Time Objective (RTO), ensuring minimal data loss and efficient restoration of services even during high-demand periods or incidents, with quarterly testing and annual audits by an external ISO auditor.
Vendor management and confidentiality
At Strategix, we ensure that all vendors comply with GDPR, POPIA, and ISO 27001:2022 standards by vetting them through our ISMS processes and conducting annual audits to maintain a secure vendor network, reinforcing our supply chain and safeguarding client data with stringent confidentiality measures, non-disclosure agreements, and a commitment to data protection throughout its lifecycle.
Committed to Driving Compliance® by offering a platform that is as secure as it is dynamic
Our proactive and responsive support services enable clients to log requests through multiple channels, with a dedicated team committed to resolving issues promptly while immediately deploying critical security patches to mitigate risks with minimal operational disruption, ensuring continuous protection and transparency through our SaaS and EULA agreements.
Compliance is integrated into every aspect of the XGRC® platform at Strategix, with a continuously updated monitoring system that aligns with evolving regulations and industry standards, ensuring clients stay ahead of potential regulatory issues while adhering to international standards like GDPR and POPIA, thereby minimizing the risk of fines and allowing internal teams to focus on their core business activities.
User access management is a key security feature of the XGRC® platform, enabling administrators to define granular add, edit, view, and delete permissions at the module, dashboard, and record levels while ensuring that sensitive data is only accessible to authorized users. Following the least access principle, newly deployed features default to no access, allowing system administrators to grant only essential permissions and reducing the risk of unauthorized access as the platform evolves.