# Risk resources
This page list public security and privacy resources that may support risk assessments of HUNT Cloud. These links are intended for security and privacy officers.
Risk roles
Oddgeir Lingaas Holmen holds the role as Chief information officer at HUNT Cloud. The role is responsible for the implementation of the Security and privacy policies, including our risk management. Qussay Ghazeia holds the role as Compliance officer at HUNT Cloud. The role is responsible for the internal audit program and coordination of external audits.
# Security and privacy policies
These are the documents that we build our security and privacy framework on. "Security and privacy policies" provides a list of individual security controls that should be implemented in HUNT Cloud.
# Statement of applicability (SoA)
This is the document that states the implementation status of the individual security and privacy controls specified in our policy documents. In other words, the SoA is what we state we have implemented, and such a good reference points for your audits to check if our implementation meet your expectations.
# ISO certificates
ISO certificates provides verification from a third-party that we comply with the requirements in the international standards as stated in our SoA. We hold certificates for information security (ISO 27001) and quality (ISO 9001).
# Current risks and audit view
We report overall risks as we see them three time per year in our Ting report under the "Risk factors" chapter. The report do also provide a summary of relevant laws and regulations and the results of our audit program under the "External and internal controls" chapter.
# Services specifications
This document specify responsibilities and relevant security measures for individual services. The document is formally incorporated as an appendix to the services center agreement.
# More information
Contact us additional information to aid your assessments.