# List of Procedures
#### **PERSONAL DATA**
*(PL: DANE OSOBOWE)*
* DO - 01 Personal Data Protection Policy
* DO - 01 Annex 02 Information Clause Templates - VERCOM Information Clauses
* DO - 01 Annex 04 Record of Processing Activities at VERCOM
* DO - 01 Annex 06 \[Template] 20YYMMDD-X Personal Data Breach Report
* DO - 01 Annex 08 Client Incident Reporting Procedure
* DO - 01 Annex 09 Executive Procedure: Selection of New Supplier and Software
* DO - 01 Annex 10 Data Subject Complaint Handling Procedure
* DO - 01 Annex 11 Procedure for Informing Clients of Changes to Contractual Documents
* DO - 02 IT System Management Instruction
* DO - 02 Annex 01 Disk Wiping Protocol
* DO - 03 Personal Data Risk Assessment Methodology
* DO - 03 Annex 01 Risk Assessment Sheet
* DO - 03 Annex 02 Supplier Assessment Questionnaire
* DO - 03 Annex 03 Internal Supplier Assessment Questionnaire
* DO - 04 Technical and Organizational Measures\_ ISO
#### **DORA PROCEDURES**
* DORA-01 ICT Third-Party Risk Management Policy
* DORA-02 ICT Services Exit Strategy Procedure
* DORA-03 Contractual Requirements for ICT Providers
#### **INFORMATION SECURITY PROCEDURE (PBI)**
* PBI - 01 Information Security Process Manual
* PBI - 01 Annex 01 Information Security Objectives
* PBI - 01 Annex 02 Asset Inventory
* PBI - 01 Annex 02-01 Vercom Inventory
* PBI - 01 Annex 03 Business Continuity Plan (BCP) Framework
* PBI - 01 Annex 03-02 Detailed BCP Test Report
* PBI - 01 Annex 04 Context of the Organization
* PBI - 01 Annex 05 Security Control Effectiveness Measurement
* PBI - 01 Annex 06 VERCOM Change Management Policy
* PBI - 01 Annex 06.01 Change Management
* PBI - 01 Annex 06.02 System Development Life Cycle (SDLC)
* PBI - 01 Annex 07 VERCOM Data Retention Procedure
* PBI - 01 Annex 08 Business Impact Analysis (BIA) Sheet
* PBI – 01 Annex 09 Test Plan with Test Scenario
* PBI - 01 Annex 10 \[CONFIDENTIAL] Disaster Recovery Plan
* PBI - 02 Information Classification
* PBI - 03 Security Incident Management
* PBI - 03 Annex 01 Incident Register
* PBI - 03 Annex 02 Event Report - TEMPLATE: Declaration of Personal Data Protection Incident at VERCOM
* PBI - 03 Annex 03 Report Phishing
* PBI - 03 Annex 04 Incident Reporting
* PBI - 03 Annex 05 \[CONFIDENTIAL] Post-Intrusion Analysis
* PBI – 03 Annex 06 \[CONFIDENTIAL] Guidelines and Definitions regarding Incident Response Capabilities at Vercom
* PBI – 03 Annex 07 \[CONFIDENTIAL] Incident Response Report
* PBI - 03 Annex 08 Event Report
* PBI - 03 Annex 09 - Executive Procedure - Detection of Anomalous Events on Client Account in the Platform
* PBI - 04 Use of IT Resources by Users
* PBI - 04 Annex 01 Access Management Instruction at VERCOM
* PBI - 04 Annex 02 \[CONFIDENTIAL] Security and Cryptographic Key Management Procedure
* PBI – 04 Annex 03 External Media Request
* PBI – 04 Annex 01-03 Access Rights
* PBI - 04 Annex 01-04 Employee Statement - Access Card Receipt
* PBI - 04 Annex 01-05 Laptop Handover Protocol
* PBI - 04 Annex 01-06 Phone Handover Protocol
* PBI - 04 Annex 01-07 Terms and Conditions for Use of Electronic Devices
* PBI - 04 Annex 01-08 User Statement
* PBI - 04 Annex 01-09 Authorization to Process Personal Data at Vercom S.A.
* PBI - 04 Annex 01-12 Access Rights Review Report Template
* PBI - 05 Use of Resources - Administrators
* PBI - 05 Annex 01 Hardware Change Management Procedure
* PBI - 05 Annex 01-01 - Change Request TEMPLATE
* PBI - 05 Annex 02 \[CONFIDENTIAL] Configuration Management
* PBI - 06 Risk Assessment
* PBI - 06 Annex 01 Risk Assessment Sheet
* PBI - 07 Statement of Applicability \[SoA]
* PBI - 08 VERCOM Vulnerability Management Process
* PBI – 08 Annex 01 Suggested Test Schedule
* PBI – 08 Annex 02 \[CONFIDENTIAL] Annual Audit Template
* PBI – 08 Annex 03 Single Test Report Template
* PBI – 08 Annex 04 \[CONFIDENTIAL] Established List of Publicly Accessible Hosts and IPs
* PBI – 08 Annex 05 \[CONFIDENTIAL] Vulnerability Risk Assessment Sheet (Classified Internal IT Document)
* PBI – 08 Annex 06 \[CONFIDENTIAL] Vulnerability Register
* PBI - 09 \[CONFIDENTIAL] Backup Management Policy / Personal Data Management in Cloud Computing
* PBI - 10 Procedure for the Use of Messengers and Online Collaboration Tools
* PBI - 11 \[CONFIDENTIAL] Secure Development Procedure
* PBI - 12 Artificial Intelligence Tools Usage Policy \[(II) PROTECTED INFORMATION]
* PBI - 13 Identity and Guest Access Management at Vercom S.A.PBI - 14 Password ManagementPBI - 15 Communication Procedure at VercomPBI - 16 Business Partner Verification PolicyPBI - 17 Third-Party Data Sharing Policy
#### **CLOUD SECURITY POLICY**
*(PL: POLITYKA BEZPIECZEŃSTWA CHMURY)*
* PCH - 01 Identification and Supervision of Legal and Formal Requirements
* PCH - 01 Annex 01 Register of Legal Acts
* PCH - 02 Cloud Security Policy
#### **INTEGRATED MANAGEMENT SYSTEM PROCEDURE**
*(PL: PROCEDURA ZINTEGROWANEGO SYSTEMU ZARZĄDZANIA)*
* PSYS - 01 Internal Audits
* PSYS - 01 Annex 01 Audit Schedule
* PSYS - 01 Annex 02 Audit Report
* PSYS - 02 Control of Documented Information
* PSYS - 02 Annex 01 List of Procedures and Instructions
* PSYS - 03 Corrective Actions and Non-Conformities
* PSYS - 03 Annex 01 Corrective Action Sheet
* ISMS Management Review Report
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.emaillabs.io/en/security-and-compliance/vercom-s.a.-security-and-trust-center/list-of-procedures.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.