Atlassian announces end of life for OpsGenie. Looking to switch? We're here to help -- Learn More ➡️
Menu

Information Security Policy

1. Introduction

PagerTree is committed to protecting the confidentiality, integrity, and availability of information entrusted to us by our customers, partners, and stakeholders. Information security is a foundational part of our operations and is integrated into our culture, processes, and technology.

PagerTree recognizes business information as a critical organizational asset. This policy establishes the framework for how PagerTree manages and protects that asset through our Information Security Program and supporting controls.

2. Purpose

The purpose of this policy is to define PagerTree’s core security principles and outline the responsibilities required to safeguard information throughout its lifecycle. This policy demonstrates PagerTree’s commitment to maintaining a secure environment and reducing risk for our customers.

3. Scope

This policy applies to:

  • All systems, services, and infrastructure used to deliver the PagerTree platform
  • All employees and contractors who access PagerTree information or systems
  • All third parties granted access to PagerTree data or environments

4. Information Security Governance

4.1 Executive Management

PagerTree Executive Management provides strategic direction and oversight for the Information Security Program. Responsibilities include:

  • Ensuring the implementation of a risk-based Information Security Program
  • Providing appropriate resources to maintain and improve security controls
  • Reviewing the effectiveness of PagerTree’s security program on at least an annual basis

4.2 Information Security Officer

PagerTree designates an Information Security Officer (ISO) responsible for:

  • Leading the Information Security Program
  • Managing risk assessments, compliance efforts, and ongoing control effectiveness
  • Overseeing security policies, training, and awareness initiatives
  • Coordinating incident response, third-party security reviews, and remediation activities

4.3 Information Security Committee

PagerTree maintains an Information Security Committee responsible for:

  • Reviewing security policies and recommending improvements
  • Supporting risk management and compliance activities
  • Promoting security awareness across the company
  • Monitoring changes in threats, vulnerabilities, and regulatory requirements

4.4 Employees and Third Parties

All personnel with access to PagerTree systems or data must:

  • Understand and follow PagerTree’s security policies
  • Complete security awareness training
  • Use systems and data responsibly and securely
  • Report suspected security issues promptly

5. Information Security Program

PagerTree maintains a comprehensive Information Security Program that includes administrative, technical, and physical safeguards designed to:

  • Protect sensitive information from unauthorized access, disclosure, alteration, or destruction
  • Ensure availability of systems required for delivering the PagerTree platform
  • Support business continuity and service reliability
  • Comply with applicable contractual, legal, and regulatory requirements

The program encompasses topic-specific policies and standards, including (but not limited to):

  • Access Control
  • Data Classification & Handling
  • Change Management
  • Incident Response
  • Vendor & Third-Party Risk Management
  • Vulnerability & Patch Management
  • Network & Infrastructure Security
  • Secure Software Development Practices

6. Compliance

PagerTree’s Information Security Program aligns with industry best practices and regulatory obligations. This includes compliance with:

  • State and federal data protection requirements
  • Contractual security commitments
  • Security frameworks and controls applicable to PagerTree’s operations

PagerTree conducts regular reviews, assessments, and audits to ensure continued compliance and improvement.

7. Enforcement

PagerTree enforces this policy through documented disciplinary measures and oversight mechanisms. Violations may result in:

  • Revoked system access
  • Employment or contract termination
  • Legal action where applicable

PagerTree expects all employees, contractors, and third-party partners to adhere strictly to this policy.

8. Review and Maintenance

This policy is reviewed at least annually, or whenever significant changes in operations, technology, or regulatory requirements occur. Updates are approved by Executive Management to ensure continued effectiveness and alignment with best practices.

For questions regarding this Information Security Policy or PagerTree’s security program, please contact security@pagertree.com.