Information Security Policies. And Guidelines For Access To Computers, Networks and Information By Non-Employee Personnel.
Information Security Policies. 1.3.1. The Company shall have a defined and documented information security management system including an information security policy and procedures in place, which shall be approved by Company’s management. They shall be published within Company´s organization and communicated to relevant Company personnel.
Information Security Policies. With respect to any information systems you use to store or process PII, you are responsible for ensuring that the owner(s) and operator(s) of such information systems implement and maintain policies and procedures that address the following areas:
Information Security Policies. Sumo Logic will implement, maintain, and adhere to its internal information security and privacy policies that address the roles and responsibilities of Sumo Logic ’s personnel, including both technical and non-technical personnel, who have direct or indirect access to Your Data in connection with providing the Services. All Sumo Logic personnel with access to Your Data will receive annual training on Sumo Logic ’s ISMP.
Information Security Policies. A. Contractor must have, and upon request by the DOE shall promptly provide the DOE with copies of its, information security policies that cover the following elements:
Information Security Policies. Administrator will implement, maintain and periodically review (no less frequently than annually) written policies and procedures that address the following areas:
Information Security Policies. The Data Recipient must have in place and adhere to internal information security and privacy policies that address the roles and responsibilities of the Data Recipient's personnel, including both technical and non-technical personnel, who have direct or indirect access to the Data. These internal security and privacy policies must, at a minimum, include: security policy; organization of information security; asset management; human resources security; physical and environment security; communications and operations management; access control; information systems procurement, development and maintenance; information security incident management; business continuity management; and compliance.
Information Security Policies. In addition to the information security requirements set forth elsewhere in the Agreement, Provider shall have processes and procedures in place to comply with the following Customer Policies: • Information Security (ITS 100) • IT Risk Management (ITS 104) • Data Protection (ITS 105) • Access Control and Password Management (ITS 200) • Email and Messaging Policy (ITS201) • Remote Access (ITS 202) • Acceptable Use Policy (ITS 203) • Security Awareness and Protection Training (ITS 205) • Use of Personal Equipment (ITS 300) • Anti-Virus (ITS 302) • Intrusion Detection (ITS 400) • Production-Nonproduction Connectivity (ITS 401) • Patch Management (ITS 402) • Firewall and Router (ITS 403) • Change Management (ITS 501) • Incident Response (ITS 504) • Software Management (ITS 602) g. Information Disclosure / Media / Investor communications. In provision of the Services in any applicable Service Agreement, Provider shall comply with Customer’s information disclosure, media and investor communications policies.
Information Security Policies. 14.1 Vendor has documented and published a set of information security policies that are aligned to industry best practices and standards for information security and reviewed periodically. Those policies address the following:
Information Security Policies. Processor has written policies describing the technical and organizational measures implemented for information security. The security policies consider the real risks the Personal Data are exposed to. They include a description of how to manage security incidents, a description of the awareness-raising process for the policies within the organization and a description of the various responsibilities and organizational rules. The security policies have been approved by the relevant persons in the organization and have been adequately disseminated within the organization. A reassessment of these technical and organizational measures is performed on a regular basis in order to ensure that the goals and the measures taken remain up-to-date so that improvements can be made if necessary. Security controls are updated in the event of any reorganization or modification of infrastructure. The security policies will be adapted where necessary as a result of modifications or reassessment. Xxxxxxxxx has appointed a Chief Information Security Officer, who oversees the implementation of the security policies. The Chief Information Security Officer possesses the necessary competences, is adequately trained and will not be able to discharge any function or take up any responsibility that is incompatible with that of a Chief Information Security Officer.
