For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
PlaygroundChangelogSign In
OverviewAPI ReferencePre-recorded STTStreaming STTVoice AgentsSpeech UnderstandingGuardrailsLLM GatewayFAQ
OverviewAPI ReferencePre-recorded STTStreaming STTVoice AgentsSpeech UnderstandingGuardrailsLLM GatewayFAQ
  • Overview
      • Has AssemblyAI certified to the EU-U.S. Data Privacy Framework?
      • Can I sign a DPA agreement with AssemblyAI?
      • Can you provide a copy of your most recent penetration test executive summary?
      • Can you provide a recent vulnerability scan?
      • Will AssemblyAI sign a Business Associate Addendum (BAA) as described in the HIPAA rules and regulations?
      • Do you have a formal risk assessment policy or process?
      • Do you have documented information security policies? If so, how frequently are they updated?
      • Do you offer self-hosted solutions?
      • Do you support SAML in your product?
      • Does AssemblyAI utilize an anti-virus/anti-malware solution across all relevant infrastructure (workstations and servers), and are appropriate response capabilities deployed to respond to alerts?
      • How are incidents escalated within your organization?
      • How do we securely use your service?
      • How do you protect production code?
      • How to Access AssemblyAI's Security Reports
      • How to Opt Out of Data Sharing for our Model Improvement Program
      • Is multi-factor authentication enforced for all access to scoped systems and data?
      • Does AssemblyAI have a documented process for reviewing and approving third-party service providers?
      • Does AssemblyAI have an incident response plan?
      • What are your recovery time and recovery point objectives?
      • What is your SLA for repairing Critical/High/Medium vulnerabilities?
      • What logs are available to customers?
      • What standards do your internal password policies follow?
      • Where are your servers located?
LogoLogo
PlaygroundChangelogSign In
OverviewPrivacy & Security

Do you have a formal risk assessment policy or process?

Yes, we have a formal risk assessment policy. We conduct quarterly risk reviews including conducting business impact analysis on high-risk events, and keeping track of risks within Jira, our ticketing system.

Samples of old risk register exports can be provided to select customers with signed NDAs, but not current versions as some risks may still be open.

Was this page helpful?
Previous

Do you have documented information security policies? If so, how frequently are they updated?

Next
Built with