Completed Compliance
Frameworks verified by consultant
ISO 27001:2022
120 measures implemented
Resources
Responsible Disclosure Policy
This policy encourages security researchers and users to report vulnerabilities in FEHA’s systems responsibly and in good faith. Outlines safe channels for disclosure and ensures reporters will not face legal action if they follow the guidelines.
Approved at 24th Feb, 2026 at 05:48:42
Public
AI Governance Policy
This AI Governance Policy establishes a structured framework for the ethical and responsible development, deployment, and use of Artificial Intelligence (AI) within FEHA.
Approved at 24th Feb, 2026 at 06:31:46
Public
FEHA ISO 27001 Certificate
Certificate New
Approved at 2nd Apr, 2026 at 08:02:41
Public
In Progress Compliance
This score is determined through an assessment performed by our FEHAGRC Consultant tes.
ISO 42001:2023
66 of 91 measures implemented
PDPA Singapore
5 of 9 measures implemented
1 Measures
Encryption / Cryptography
Encryption Policy
1 Measures
Correction
Nonconformity and Corrective Action Register
2 Measures
Internal Audit
Internal Audit Report
Internal Audit Programme
2 Measures
Business Continuity
Business Continuity Plan
Disaster Recovery Plan
3 Measures
Incident Management
Incident Response Plan
Tabletop Exercise
Incident Report
3 Measures
Vulnerability Management
Penetration Testing Report
Threat Assessment Report
Vulnerability Scanning Report
2 Measures
Source Code
Access Control Configurations for Source Code Repositories
Secure Coding Guidelines
1 Measures
Secure Development
Software Development Life Cycle
2 Measures
Backups
Information Backup Policy
Clock Synchronization Documentation
1 Measures
Endpoint Security
Device Configuration Standards or Baselines
2 Measures
Data Masking
Data Masking Policy
Data Masking Documentation
1 Measures
Secure Authentication
Multi-Factor Authentication (MFA) Implementation Records
4 Measures
Logging & Monitoring
Logging and Monitoring Policy
Monitoring activities documentation
Endpoint Management System Records
3 Measures
Network Security
Network Security Policy
Network Diagram
Process flow diagram for Network Security Control
4 Measures
Access Control
Privileged Utility Program Usage Logs
Access Control Policy
Access Reviews Documentation
3 Measures
Data Protection
Data Classification Policy
Data Protection Policy
Retention Schedule
2 Measures
Inventory
Asset Management Policy
Asset Register
2 Measures
Remote Working
Remote Working Policy
Examples of Security Reminders
2 Measures
Training
Training Records
Certifications and Qualifications
1 Measures
Onboarding/Offboarding
Acceptable Use Policy
3 Measures
Recruitment
Code of Conduct
Template Employment Contract
Personnel Background Verification
2 Measures
Objectives
Information Security Objectives
AI Objective Action Plan
1 Measures
Management Documentation
Management Review Meeting
2 Measures
Change Management
Change Management Policy
Change Request Forms / Change Log
3 Measures
Risk Management
Risk Assessment Report
Risk Assessment Policy
Risk Assessment Input
6 Measures
Interested Parties
Stakeholder Analysis
List of contact special interest groups
Customer Contracts/SLAs
2 Measures
Legal & Regulatory
List of relevant authorities
Applicable Laws and Regulations
2 Measures
Roles & Responsibilities
Organizational Charts
RACI Matrix
4 Measures
Management System Documentations
Information Security Management System (ISMS) Plan
Statement of Applicability
Context Analysis Document