Measures for internal IT and IT security governance and management. Maintenance of a written, proportionally comprehensive information security program consistent with applicable industry standards that includes: • Information security policies, • Access management, • Change management, • Secure System Development Lifecycle (SSDLC), • Physical and environmental security, • Incident response plans and procedures, • Vulnerability management, • Patch management, • Business continuity/Disaster Recovery plans, • Continuous monitoring, • Asset criticality and data classification, • Data retention and destruction policies, • Third party and software supply chain security, • Hiring policies, • Employment termination policies, • Security awareness, • Privacy policies, and • Data security procedures. • Implementation of a risk management program to help address security vulnerabilities, and deploy security patches within a commercially reasonable timeframe; • Identification and assessment of reasonably foreseeable internal and external risks to the security, confidentiality, and/or integrity of any electronic, paper or other records containing Subscriber Data and evaluation and implementation of improvements, where necessary, of the effectiveness of the current safeguards for limiting such risks; • Annual employee security and privacy awareness training; • Written agreements with Domo sub-processors who have access to Subscriber Data;
Measures for internal IT and IT security governance and management a) Anti-virus software and a firewall are installed on servers and clients to help avoid malicious software gaining unauthorised access to systems.
Measures for internal IT and IT security governance and management. Data importer has a dedicated Security Committee responsible for overseeing IT security. This Committee holds weekly meetings. 11. Opatření pro interní a bezpečnostní správu a řízení IT: Dovozce údajů má specializovaný bezpečnostní výbor odpovědný za dohled nad bezpečností IT. Tento výbor pořádá týdenní schůzky.
Measures for internal IT and IT security governance and management. Pleo maintains a risk-based assessment security program. The framework for Pleo’s security program includes administrative, organizational, technical, and physical safeguards reasonably designed to protect the Services and confidentiality, integrity, and availability of Customer Data. Xxxx’s security program is intended to be appropriate to the nature of the Services and the size and complexity of Pleo’s business operations. Security is managed at the highest levels of the company, with the DPO and Information Security Manager meeting with the Chief Technology Officer regularly to discuss issues and coordinate security initiatives. Information security policies and standards are reviewed and approved by management at least annually and are made available to all Pleo employees for their reference.
Measures for internal IT and IT security governance and management. ConnectWise maintains a risk-based assessment security program. The framework for ConnectWise’s security program includes administrative, organizational, technical, and physical safeguards reasonably designed to protect the Offerings and confidentiality, integrity, and availability of Customer Data. ConnectWise’s security program is intended to be appropriate to the nature of the Offerings and the size and complexity of ConnectWise’s business operations. ConnectWise has a separate and dedicated Information Security team that manages ConnectWise’s security program. This team facilitates and supports independent audits and assessments performed by third parties. ConnectWise’s security framework is based on the ISO 27001 Information Security Management System and includes programs covering: Policies and Procedures, Asset Management, Access Management, Cryptography, Physical Security, Operations Security, Communications Security, Business Continuity Security, People Security, Product Security, Cloud and Network Infrastructure Security,
