Are all identified security, contractual, and regulatory requirements for customer access contractually addressed and remediated prior to granting customers access to data, assets, and information systems? Jonathan van Driessen September 04, 2021 15:25 Yes. Related articles Are upgrades or system changes installed during off-peak hours or in a manner that does not impact the customer? Do you maintain written disaster recovery procedures / a Disaster Recovery Plan (CRP)? Comments 0 comments Please sign in to leave a comment.