Assessment Process
It’s no surprise that Bramble Customers and Prospects conduct Security due diligence activities prior to contracting with Bramble. We recognize the importance of these reviews and have designed this procedure to document the intake, tracking and responses to these activities.
Scope
The Customer Assurance Activities Procedure is applicable to Security due dilligence reviews requested by Bramble Customers and Prospects. This includes, but is not limited to, requests for Security Questionnaires, Contract Reviews, Customer Meetings, and External Evidence (such as a SOC2 or Penetration Test).
Roles and Responsibilities
| Role | Responsibility |
|---|---|
| Field Security team | Maintain a mechanism to intake and respond to Customer Assurance Activities |
| Provide complete and accurate responses within documented SLA | |
| Document and report any risk or trends identified during Customer Assurance Activities | |
| Maintain Metrics for Security KPI | |
| Account Owner | Recieve Customer or Prospect requests and submit to Field Security team |
| Engage Solutions Architect or Technical Account Manager, as needed | |
| Provide information and documentation back to Customer or Prospect | |
| Solutions Architect | Complete the First Pass, as applicable |
| Current Customers | Utilize Customer Self-Service tools noted below |
| Contact your Account Owner at Bramble. If you don’t know who that is, please reach out to sales and ask to be connected to your Account Owner. | |
| Prospective Customers | Fill out a request and a representative will reach out to you. |
Customer Self-Service Information Gathering
At Bramble, we are extremely transparent and the answers to many common questions may already be publicly available. However, we also iterate quickly, meaning the answers may change over time. We encourage our Customers and Prospects to utilize the below self-service resources as a first step in the process of assessing Bramble.
- Search for General Information about Bramble in our public handbook.
- Review Bramble’s Customer Assurance Package
Self-attestations
In the spirit of iteration, Bramble is continuously evolving our list of compliance self-attestations. Completed self-attestations are reviewed annually for continued applicability and can be found in our Customer Assurance Package. Customers can submit suggestions and requests for new self-attestations through their Account Manager. Bramble team members can submit recommendations for future compliance assessments to the Field Security team.
Service Level Agreements
| CAA Request Type | SLA | Notes |
|---|---|---|
| Security Questionnaire | 10 Business Days | SA or TAM will utlize AnswerBase and/or other self-service resources prior to requesting Field Security assistance. SA or TAM will ensure everyone on the Field Security team has access to any files or portals. |
| Contract Review | 5 Business Days | Contracts over $50,000 will require Manager or Director Review. |
| Customer Meetings | N/A | SA or TAM will provide context up front of to the Customer or Prospects questions or concerns prior to the meeting. Field Security will provide a PowerPoint presentation with critical information about Bramble Security and specifics to the Customer or Prospect’s request. If the opportunity is greater than or equal to $250,000, the VP of Security will also attend. |
| External Evidence | 2 Business Days | SA or TAM must provide the name and email address of the recipient. |
Exceptions
If the Account Owner or Customer Success point of contact feel they have sufficient knowledge and resoures to complete a Customer Assessment, this procedure does not have to used. These excpetions, will not be tracked.
References
Not applicable