Common use of Asset Classification and Control Clause in Contracts

Asset Classification and Control. Secureworks’ practice is to track and manage physical and logical assets. Examples of the assets that Secureworks IT might track include:  Information Assets, such as identified databases, disaster recovery plans, business continuity plans, data classification, archived information.  Software Assets, such as identified applications and system software.  Physical Assets, such as identified servers, desktops/laptops, backup/archival tapes, printers and communications equipment. The assets are classified based on business criticality to determine confidentiality requirements. Industry guidance for handling personal data provides the framework for technical, organizational and physical safeguards. These may include controls such as access management, encryption, logging and monitoring, and data destruction. As part of the employment process, employees undergo a screening process applicable per regional law. Secureworks’ annual compliance training includes a requirement for employees to complete an online course and pass an assessment covering information security and data privacy. The security awareness program may also provide materials specific to certain job functions.

Asset Classification and Control. Secureworks’ practice is to track and manage physical and logical assets. Examples of the assets that Secureworks IT might track include:  • Information Assets, such as identified databases, disaster recovery plans, business continuity plans, data classification, archived information.  • Software Assets, such as identified applications and system software.  • Physical Assets, such as identified servers, desktops/laptops, backup/archival tapes, printers and communications equipment. The assets are classified based on business criticality to determine confidentiality requirements. Industry guidance for handling personal data provides the framework for technical, organizational and physical safeguards. These may include controls such as access management, encryption, logging and monitoring, and data destruction. As part of the employment process, employees undergo a screening process applicable per regional law. Secureworks’ annual compliance training includes a requirement for employees to complete an online course and pass an assessment covering information security and data privacy. The security awareness program may also provide materials specific to certain job functions.