NRB Consultancy Services Ltd is committed to the security of our services and systems, including the PASDOC platform at app.pasdoc.com. We take a coordinated and constructive approach to addressing security vulnerabilities.
This policy covers vulnerabilities discovered in any NRB or PASDOC service, whether by members of the public, security researchers or our own team.
If you believe you have discovered a vulnerability in any NRB Consultancy Services or PASDOC system, please contact us as soon as possible:
Please include as much detail as possible — the nature of the vulnerability, how it was discovered, the potential impact and any steps to reproduce it. We ask that you keep all communication confidential until we have had the opportunity to investigate and address it.
Acknowledgement — We will acknowledge receipt of your report within 2 working days.
Investigation — We will investigate and verify the reported vulnerability and keep you informed of progress.
Resolution — We will address verified vulnerabilities and release an update or patch within 90 days.
Disclosure — Where appropriate, we will acknowledge the contribution of the person who reported the vulnerability, unless they prefer to remain anonymous.
This policy applies to all NRB Consultancy Services and PASDOC digital services, including:
We ask that security researchers and reporters act responsibly — avoiding any action that could disrupt services, access or modify client data, or compromise the privacy of our users. We commit to working with you in good faith and will not pursue legal action against individuals who report vulnerabilities responsibly in accordance with this policy.
We greatly appreciate the efforts of anyone who takes the time to identify and responsibly disclose security issues. Your contribution helps us protect our clients and improve our services.