Procurement Packet
This page provides a procurement-friendly overview of our trust posture, data handling practices, and how to request security documentation. We do not claim third-party certifications unless explicitly stated.
Company
Cichocki LLC
Primary Site
www.cichocki.com
Data Handling
Engagements are structured to minimize sensitive data exposure. If customer data access is required, the scope, access method, and retention expectations are documented per engagement in the statement of work.
- Data scope defined per engagement
- Retention policies documented
- Access methods specified in SOW
Access Controls
Access to internal systems is restricted to necessary personnel based on least privilege principles and reviewed as part of operational practice.
- Least privilege access model
- Role-based permissions
- Periodic access reviews
Incident Response
We maintain an incident response process to triage, contain, and communicate incidents based on impact and contractual requirements.
- Documented response procedures
- Stakeholder notification process
- Post-incident review
Subprocessors & Third Parties
If a specific engagement uses third-party services (e.g., scheduling, analytics, hosting), that information can be shared as part of the security materials request. Current infrastructure providers can be disclosed upon request.
Insurance
Professional liability and errors & omissions insurance documentation can be provided upon request if applicable to your procurement process. Certificate of Insurance (COI) available.
Request Security Materials
Include your company name, desired documents, and timeline. We typically respond within 2 business days.
Request Materials →Direct security inquiries: security@cichocki.com