Risk Assessment and Business Continuity

Tranquilmoney's servers are hosted and managed by Rackspace out it's facilities in Texas City and therefore we have access to Rackspace's state of the art business continuity infrastructure. In addition there are back-ups available on servers in the back office in India. If for any reason, the servers at Rackspace are down, the servers in India take over and customer faces no down-time.

The company has redundancies built through use of multiple service providers for bandwidth and communication links. The company has business associate relationships with multiple organizations in India which ensure that work can be moved to those locations in the event that work the back office in India is affected by flood, fire or other natural disasters. There are well documented business continuity plans to act on in case of such eventualities and all concerned people are trained to act on such eventualities.

A claim is paid if the employer or insurance carrier agrees that the injury or illness is work-related. If the employer or insurance carrier disputes the claim, no cash benefits are paid until the Workers' Compensation Law Judge decides who is right. If a worker is not receiving benefits because the employer or insurance carrier is arguing that the injury is not job-related, he/she may be eligible for Disability Benefits in the meantime. Any payments made under the Disability Program, however, will be subtracted from future workers' compensation awards.

Risk Assessment

Tranquilmoney management performs risk assessment during the design and implementation of the control objectives and related controls described in this report. As part of its risk assessment, management identifies the threats and vulnerabilities relevant to the security of tranquilmoney business operations and rates the risk posed by each identified vulnerability. This rating allowed for the design and implementation of controls to mitigate the most significant risks to the security of Tranquilmoney’s service.

Risk assessment is performed by Tranquilmoney semi-annually and in response to any update to the design and implementation of the control objectives and related controls described in this report.

When conducting risk assessment, Tranquilmoney first identifies threats and vulnerabilities relevant to the security of its business operations. Tranquilmoney then - for each identified vulnerability - considers:

a) The likelihood of impact (i.e., the likelihood of the vulnerability being exploited), and

b) The severity of impact (i.e., how damaging an exploitation of the vulnerability would be).

Once the severity of risk posed by each identified vulnerability has been broadly quantified, Tranquilmoney management ensures that the design and operation of its controls are sufficient to address all significant risks to the security of its operations. following types of risk are identified in Tranquilmoney’s risk assessment process:

  • Operational risks associated with information systems, manual processes, and external systems
  • Financial and legal risks associated with market and organizational changes, regulatory costs, or other negligent action
  • Technology risks associated with intrusion, system failure, and errors

Business Continuity and Disaster Recovery

Tranquilmoney has classified information systems, applications, and data groups according to their critical and sensitive nature. Procedures exist to help ensure that data and systems can be restored in the event of a disaster and that business operations can continue in an emergency mode. In addition, Tranquilmoney has a documented procedure to perform periodic testing of all contingency plan procedures.