Internal Standards and Policies
The data handling and protection standards of VMware guide employees regarding
appropriate labeling and handling of data for each classification level. Handling procedures
include the classification, processing, storage, transmission, and destruction of
data.
The Risk Management process defines controls that are implemented to mitigate the data
security risks, which include:
- Use of separation of duties
- Role-based access control and least-privilege access for all personnel in the supply chain
- Accounting of supply-chain partner data quality errors
- Associated risks and appropriate corrective action policies