---
template: "page.peb"
title: "Information Security Program"
displayName: "Information Security Program"
description: "Program-level security governance including roles, access management, monitoring, encryption, incident response, and compliance roadmap."
category: "security"
contentType: "policy"
audience: "end-user"
tags: "security,infosec,governance,soc2"
section: "security"
seoTitle: "Information Security Program"
seoDescription: "Program-level security governance including roles, access management, monitoring, encryption, incident response, and compliance roadmap."
---

## Information Security Program

Version: **1.0**  
Last updated: **March 2025**

This program defines iDialogue security governance for confidentiality, integrity, and availability across product and operations.

## Program components

- Security ownership and role responsibilities
- Access management with MFA and RBAC
- Logging and monitoring practices
- Data protection and encryption standards
- Backup and disaster recovery targets
- Vendor and subprocessor governance
- Change management and secure SDLC controls
- Incident response and post-incident review
- Security training and awareness

## Compliance direction

The legacy source references alignment to SOC 2 trust service criteria and ongoing readiness activities.