Documented internal procedures
We maintain a document base for quality, development, security, changes, support and data integrity.
Trust Center
Security, Quality & Trust
At Jelpus we build custom software with internal procedures oriented to security, quality, traceability and operational continuity.
Trust baseline
Clear controls for corporate projects.
The public information summarizes our approach. Full procedures and evidence are shared only under NDA, agreed scope and approved version.
Access management and confidentiality
We apply least privilege principles, permission control and careful handling of client information.
Change control and versioning
Changes are managed with assessment, review, testing and release criteria according to each project.
Testing and validation
Before releasing relevant changes, we perform testing activities aligned with scope and acceptance criteria.
Incidents and support
When the contract requires it, we define severity, channels, tracking, response times and escalation.
Documentation under NDA
We can prepare additional documentation for client assessments, vendor qualification and audits.
Information security
We apply internal controls to protect client and project information, including access management, multi-factor authentication when available, least privilege, credential control and permission reviews when the scope requires it.
Quality and software development
Our projects follow a structured work methodology covering analysis, design, development, review, testing, deployment and support. We maintain operational evidence such as technical documentation, change history, incidents, reviews and agreed client deliverables.
Change management and versioning
Software changes are managed through controlled flows covering assessment, prioritization, implementation, review, testing and deployment. Versioning is supported by code repositories, change history and release criteria defined by project.
Testing, validation and UAT
Before releasing relevant changes, we perform testing activities according to project scope, including functional testing, technical review, regression testing when applicable and client validation through acceptance criteria.
Incidents, support and SLA
Incidents are classified by severity and impact. When required by contract, service levels, response times, communication channels, escalation criteria and tracking mechanisms are defined until closure.
Backups and continuity
For projects that require it, we define backup, recovery and continuity policies aligned with the contracted technical architecture and technology providers used.
Regulated environments and data integrity
Jelpus can build solutions with controls oriented to regulated environments, including traceability, access control, activity logs, change management and data integrity. Final regulatory validation must be contractually defined with the client according to the intended use of the system.
Under NDA
Documentation available on request.
Access to full documents is assessed case by case. We do not share restricted procedures, internal matrices or sensitive evidence without internal approval.
- Quality, Security and Software Development Manual.
- Software Project Management Procedure.
- Change Management Procedure.
- Testing and Validation Procedure.
- Incident Management and SLA Procedure.
- Access Control Policy.
- Backup and Recovery Policy.
- Document Management Procedure.
- Data Integrity Policy.
- Statement on development in 21 CFR Part 11 contexts.
- Technology Vendors and Third Parties Policy.
Client audits and vendor qualification
Jelpus can support vendor assessment, audit or qualification processes under NDA, previously agreed scope and availability of evidence applicable to the contracted service.
Jelpus
Need to review documentation or prepare a vendor assessment?
We can agree scope, NDA, applicable documentation and required evidence for your qualification process.