DRRT’s risk management and oversight involves governance, allocation of resources, and training and awareness of employees. DRRT generally leverages existing information security policies and practices to address cybersecurity risks. Routinely discussing cybersecurity issues in senior management meetings helps DRRT set the tone from the top and build a security culture. Strong governance includes clearly defined roles and responsibilities that assign accountability to identify, assess, and manage cybersecurity risks across DRRT.

DRRT has completed its Type 1 SOC2 audit. This ensures our clients that the firm’s security, availability, processing integrity, confidentiality, and/or privacy meet the highest standards and controls.

DRRT also complies with the European Union’s General Data Protection Regulation (“GDPR”) and the UK Data Protection Act of 2018 (“DPA”). DRRT is registered with the EU-U.S. Data Privacy Framework, the UK Extension, and the Swiss-U.S. Data Privacy Framework. Please refer to our Privacy Policy for detailed information.