Review enabled subprocessors and client authorisation

THD-001 · Third Parties & Integrations

Review enabled subprocessors and client authorisation

No service provider should receive Customer Data unless required, contractually protected and authorised/disclosed.

Critical

Due 22 Sep 2026, 12:00 AM

Contractual Requirement and Action Plan

Agreement / Client

BIZ-2026-00002
Taxmanntri Consultancy Private Limited

Clause / Schedule

DPA / Subprocessor Schedule

Owner

Bizzomation Software
info@finwellgrowth.com
Finwell

Due Date

22 Sep 2026, 12:00 AM

Communication

Not Sent

Evidence

Not uploaded

Internal Action Points

Review providers, purpose, data, location, contract, DPA and incident contact.

Evidence Required

Quarterly subprocessor register.

Prepared Client Communication

Not Sent

Upload Compliance Evidence

Update Control Record

Why This Is a Risk

Due in 84 day(s)Risk classification considers contractual severity, current status and time remaining. Red items require immediate action and evidence-based closure.

Created

29 Jun 2026, 05:55 PM

Completed

—

Recurrence

Quarterly

Cycle

2026-09-22

Complete Activity Trail

No activity recorded.

Contractual Obligation Control

Critical Risk · Due in 84 day(s)