Common use of Security Management System Clause in Contracts

Security Management System. ▪ Organization. Thinkstack Technology Pvt Ltd designates qualified security personnel whose responsibilities include development, implementation, and ongoing maintenance of the Information Security Program. ▪ Policies. Management reviews and supports all security related policies to ensure the security, availability, integrity and confidentiality of Customer Personal Data. These policies are updated at least once annually. ▪ Assessments. Thinkstack Technology Pvt Ltd engages a reputable independent third-party to perform risk assessments of all systems containing Customer Personal Data at least once annually. ▪ Risk Treatment. Thinkstack Technology Pvt Ltd maintains a formal and effective risk treatment program that includes penetration testing, vulnerability management and patch management to identify and protect against potential threats to the security, integrity or confidentiality of Customer Personal Data.