{"component": "clause", "props": {"groups": [{"snippet": "Contractor will develop and implement an effective security program for the Project Site, which program shall require the Contractor and subcontractors to take measures for the protection of their tools, materials, equipment, and structures. As between Contractor and Owner, Contractor shall be solely responsible for security against theft of and damage of all tools and equipment of every kind and nature and used in connection with the Work, regardless of by whom owned.", "size": 36, "snippet_links": [{"key": "contractor-will", "type": "clause", "offset": [0, 15]}, {"key": "develop-and-implement", "type": "clause", "offset": [16, 37]}, {"key": "the-project-site", "type": "clause", "offset": [72, 88]}, {"key": "the-contractor-and-subcontractors", "type": "clause", "offset": [118, 151]}, {"key": "protection-of", "type": "definition", "offset": [177, 190]}, {"key": "contractor-and-owner", "type": "clause", "offset": [253, 273]}, {"key": "contractor-shall", "type": "clause", "offset": [275, 291]}, {"key": "responsible-for", "type": "clause", "offset": [302, 317]}, {"key": "tools-and-equipment", "type": "definition", "offset": [362, 381]}, {"key": "in-connection-with", "type": "clause", "offset": [416, 434]}, {"key": "the-work", "type": "definition", "offset": [435, 443]}], "samples": [{"hash": "8mFV86mAKk6", "uri": "/contracts/8mFV86mAKk6#security-program", "label": "Construction Contract", "score": 28.8780956268, "published": true}, {"hash": "8Z4aZnwEV7E", "uri": "/contracts/8Z4aZnwEV7E#security-program", "label": "Construction Contract", "score": 25.9048595428, "published": true}, {"hash": "OU3x09a010", "uri": "/contracts/OU3x09a010#security-program", "label": "Construction Contract", "score": 25.8761119843, "published": true}], "hash": "63877ba12c6ed7855c593489a084219c", "id": 1}, {"snippet": "While providing the Subscription Service, ServiceNow will maintain a written information security program of policies, procedures and controls governing the processing, storage, transmission and security of Customer Data (the \u201cSecurity Program\u201d). The Security Program includes industry-standard practices designed to protect Customer Data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. ServiceNow regularly tests, assesses, and evaluates the effectiveness of the Security Program and may periodically review and update the Security Program to address new and evolving security technologies, changes to industry standard practices, and changing security threats, although no such update will materially reduce the commitments, protections or overall level of service provided to Customer as described herein.", "size": 11, "snippet_links": [{"key": "the-subscription-service", "type": "clause", "offset": [16, 40]}, {"key": "written-information-security-program", "type": "clause", "offset": [69, 105]}, {"key": "procedures-and-controls", "type": "clause", "offset": [119, 142]}, {"key": "the-processing", "type": "clause", "offset": [153, 167]}, {"key": "security-of-customer-data", "type": "clause", "offset": [195, 220]}, {"key": "the-security", "type": "clause", "offset": [247, 259]}, {"key": "unauthorized-disclosure", "type": "definition", "offset": [398, 421]}, {"key": "effectiveness-of-the", "type": "clause", "offset": [490, 510]}, {"key": "review-and-update", "type": "clause", "offset": [549, 566]}, {"key": "changes-to", "type": "clause", "offset": [639, 649]}, {"key": "industry-standard-practices", "type": "definition", "offset": [650, 677]}, {"key": "the-commitments", "type": "clause", "offset": [757, 772]}, {"key": "service-provided", "type": "clause", "offset": [806, 822]}, {"key": "to-customer", "type": "clause", "offset": [823, 834]}], "samples": [{"hash": "dg9DZJunmYe", "uri": "/contracts/dg9DZJunmYe#security-program", "label": "Subscription Service Agreement", "score": 35.2261009216, "published": true}, {"hash": "aWMJs5uRJZ6", "uri": "/contracts/aWMJs5uRJZ6#security-program", "label": "Master Subscription Service Agreement", "score": 30.3672714233, "published": true}, {"hash": "5v2pWGwHQ1k", "uri": "/contracts/5v2pWGwHQ1k#security-program", "label": "Ordering Agreement", "score": 26.2799453735, "published": true}], "hash": "25e3a29557f7250b184c67d22d64bd0f", "id": 7}, {"snippet": "Develop and implement an effective security program for the Project Site, which program shall require the Design-Builder and the Trade Contractors to take measures for the protection of their tools, materials, equipment, and structures. As between Design-Builder and Owner, Design-Builder shall be solely responsible for security against theft of and damage to all tools and equipment of every kind and nature used in connection with the Work, regardless of by whom owned.", "size": 17, "snippet_links": [{"key": "develop-and-implement", "type": "clause", "offset": [0, 21]}, {"key": "the-project-site", "type": "clause", "offset": [56, 72]}, {"key": "the-design", "type": "clause", "offset": [102, 112]}, {"key": "trade-contractors", "type": "definition", "offset": [129, 146]}, {"key": "protection-of", "type": "definition", "offset": [172, 185]}, {"key": "responsible-for", "type": "clause", "offset": [305, 320]}, {"key": "tools-and-equipment", "type": "definition", "offset": [365, 384]}, {"key": "in-connection-with", "type": "clause", "offset": [415, 433]}, {"key": "the-work", "type": "definition", "offset": [434, 442]}], "samples": [{"hash": "iRw5lY7fyjK", "uri": "/contracts/iRw5lY7fyjK#security-program", "label": "Design Build Contract", "score": 34.5430831909, "published": true}, {"hash": "2IvsvLuWUB", "uri": "/contracts/2IvsvLuWUB#security-program", "label": "Design Build Contract", "score": 34.5223617554, "published": true}, {"hash": "c53NTyeRv2A", "uri": "/contracts/c53NTyeRv2A#security-program", "label": "Design Build Contract", "score": 33.5207176208, "published": true}], "hash": "170325d5031cfa58341fa83ea413970b", "id": 3}, {"snippet": "DST shall maintain a comprehensive information security program under which DST documents, implements and maintains the physical, administrative, and technical safeguards reasonably designed and implemented to: (a) comply with U.S. laws applicable to DST\u2019s business and (b) protect the confidentiality, integrity, availability, and security of Fund Confidential Information. Such program shall align with the National Institute of Security and Technology (\u201cNIST\u201d) security framework.", "size": 22, "snippet_links": [{"key": "comprehensive-information-security-program", "type": "clause", "offset": [21, 63]}, {"key": "technical-safeguards", "type": "clause", "offset": [150, 170]}, {"key": "comply-with", "type": "clause", "offset": [215, 226]}, {"key": "applicable-to", "type": "clause", "offset": [237, 250]}, {"key": "security-of", "type": "clause", "offset": [332, 343]}, {"key": "fund-confidential-information", "type": "definition", "offset": [344, 373]}, {"key": "national-institute", "type": "definition", "offset": [409, 427]}, {"key": "security-and", "type": "clause", "offset": [431, 443]}, {"key": "security-framework", "type": "clause", "offset": [464, 482]}], "samples": [{"hash": "d7MPrNmZdoK", "uri": "/contracts/d7MPrNmZdoK#security-program", "label": "Transfer Agency and Service Agreement (Tiaa-Cref Life Funds)", "score": 32.3045845032, "published": true}, {"hash": "9aKsxRm4x8A", "uri": "/contracts/9aKsxRm4x8A#security-program", "label": "Transfer Agency and Service Agreement (Nuveen Investment Trust Iii)", "score": 32.0746078491, "published": true}, {"hash": "9HummoJQwAc", "uri": "/contracts/9HummoJQwAc#security-program", "label": "Transfer Agency and Service Agreement (Nuveen Investment Trust V)", "score": 32.0746078491, "published": true}], "hash": "67d16e69dadb6d41ecb56b03ac96bc6e", "id": 2}, {"snippet": "Coinbase\u2019s information security program is centrally managed by its Global Security & Privacy departments, which is responsible for managing security across all global locations, all Coinbase products and services, and engagement of Coinbase sub processors. The framework for Coinbase\u2019s information security program includes operational, administrative, technical, and physical safeguards reasonably designed to protect the confidentiality, integrity, and availability of sensitive data, including customer data, and is aligned to the NIST Cybersecurity Framework. Coinbase employs numerous defense-in-depth strategies to secure information assets, utilizing industry guidelines from NIST. Coinbase\u2019s Chief Security Officer (CSO) meets on a regular basis with executive management and the Board of Directors to discuss security risks, issues, and company-wide security initiatives. Internal information security policies and standards are reviewed, assessed, and updated on at least an annual basis, and are made available to all Coinbase employees.", "size": 15, "snippet_links": [{"key": "information-security-program", "type": "definition", "offset": [11, 39]}, {"key": "security-privacy", "type": "clause", "offset": [75, 93]}, {"key": "for-managing", "type": "clause", "offset": [128, 140]}, {"key": "products-and-services", "type": "clause", "offset": [192, 213]}, {"key": "engagement-of", "type": "clause", "offset": [219, 232]}, {"key": "the-framework", "type": "clause", "offset": [258, 271]}, {"key": "physical-safeguards", "type": "clause", "offset": [369, 388]}, {"key": "availability-of", "type": "clause", "offset": [456, 471]}, {"key": "sensitive-data", "type": "clause", "offset": [472, 486]}, {"key": "customer-data", "type": "clause", "offset": [498, 511]}, {"key": "nist-cybersecurity-framework", "type": "clause", "offset": [535, 563]}, {"key": "information-assets", "type": "definition", "offset": [629, 647]}, {"key": "industry-guidelines", "type": "definition", "offset": [659, 678]}, {"key": "chief-security-officer", "type": "definition", "offset": [701, 723]}, {"key": "on-a-regular-basis", "type": "definition", "offset": [736, 754]}, {"key": "executive-management", "type": "definition", "offset": [760, 780]}, {"key": "the-board-of-directors", "type": "clause", "offset": [785, 807]}, {"key": "to-discuss", "type": "definition", "offset": [808, 818]}, {"key": "security-risks", "type": "clause", "offset": [819, 833]}, {"key": "and-company", "type": "clause", "offset": [843, 854]}, {"key": "information-security-policies-and-standards", "type": "clause", "offset": [891, 934]}, {"key": "annual-basis", "type": "clause", "offset": [986, 998]}, {"key": "available-to", "type": "definition", "offset": [1013, 1025]}], "samples": [{"hash": "f4TDfuETBFV", "uri": "/contracts/f4TDfuETBFV#security-program", "label": "Coinbase Prime Broker Agreement (Grayscale Avalanche Trust (AVAX))", "score": 35.1642723083, "published": true}, {"hash": "5Hitmw8hyKD", "uri": "/contracts/5Hitmw8hyKD#security-program", "label": "Coinbase Prime Broker Agreement (Grayscale Sui Trust (SUI))", "score": 35.1286773682, "published": true}, {"hash": "3uvGhtSaovV", "uri": "/contracts/3uvGhtSaovV#security-program", "label": "Coinbase Prime Broker Agreement (Grayscale Chainlink Trust (LINK))", "score": 34.8631057739, "published": true}], "hash": "bdfd006cd9242ef7f2095477d633013e", "id": 4}, {"snippet": "We have implemented and will maintain an information security program that follows generally accepted system security principles embodied in the ISO 27001 standard designed to protect the Customer Data as appropriate to the nature and scope of the Services provided. PureCloud\u2019s Security & Compliance Team maintaining the information security program includes experienced professionals holding a wide range of certifications in both security and privacy. The information security program includes at least the following elements:", "size": 10, "snippet_links": [{"key": "information-security-program", "type": "definition", "offset": [41, 69]}, {"key": "generally-accepted", "type": "definition", "offset": [83, 101]}, {"key": "security-principles", "type": "definition", "offset": [109, 128]}, {"key": "iso-27001", "type": "definition", "offset": [145, 154]}, {"key": "the-customer-data", "type": "clause", "offset": [184, 201]}, {"key": "the-services-provided", "type": "clause", "offset": [244, 265]}, {"key": "compliance-team", "type": "clause", "offset": [290, 305]}, {"key": "the-information", "type": "clause", "offset": [318, 333]}, {"key": "wide-range", "type": "definition", "offset": [396, 406]}, {"key": "security-and-privacy", "type": "clause", "offset": [433, 453]}], "samples": [{"hash": "jfEsmiBddfP", "uri": "/contracts/jfEsmiBddfP#security-program", "label": "Genesys Cloud Service Agreement", "score": 31.136472702, "published": true}, {"hash": "bvIHFY1krXQ", "uri": "/contracts/bvIHFY1krXQ#security-program", "label": "Purecloud Service Agreement", "score": 30.7231292725, "published": true}, {"hash": "cy29jNBFmi8", "uri": "/contracts/cy29jNBFmi8#security-program", "label": "Purecloud Service Agreement", "score": 30.5233020782, "published": true}], "hash": "a67c571510a0737e81e9395338f965d2", "id": 9}, {"snippet": "The Transfer Agent shall maintain a comprehensive information security program under which the Transfer Agent documents, implements and maintains the physical, administrative, and technical safeguards reasonably designed and implemented to: (a) comply with U.S. laws applicable to the Transfer Agent\u2019s business and (b) protect the confidentiality, integrity, availability, and security of Customer Confidential Information.", "size": 15, "snippet_links": [{"key": "the-transfer-agent-shall", "type": "clause", "offset": [0, 24]}, {"key": "comprehensive-information-security-program", "type": "clause", "offset": [36, 78]}, {"key": "technical-safeguards", "type": "clause", "offset": [180, 200]}, {"key": "comply-with", "type": "clause", "offset": [245, 256]}, {"key": "applicable-to", "type": "clause", "offset": [267, 280]}, {"key": "customer-confidential-information", "type": "clause", "offset": [389, 422]}], "samples": [{"hash": "9N1XZWuEAPN", "uri": "/contracts/9N1XZWuEAPN#security-program", "label": "Transfer Agency and Service Agreement (Allspring Funds Trust)", "score": 36.5592079163, "published": true}, {"hash": "17pZr5iUfNi", "uri": "/contracts/17pZr5iUfNi#security-program", "label": "Transfer Agency and Service Agreement (Allspring Variable Trust)", "score": 36.3073234558, "published": true}, {"hash": "kljXqQEQ4JF", "uri": "/contracts/kljXqQEQ4JF#security-program", "label": "Transfer Agency and Service Agreement (Allspring Funds Trust)", "score": 35.8090362549, "published": true}], "hash": "9fdf602ecc2f912ebeed82fcc92cad22", "id": 5}, {"snippet": "Licensor will, consistent with industry standard practices, implement and maintain a security program: (a) to maintain the security and confidentiality of Confidential Information; and (b) to protect Confidential Information from known or reasonably anticipated threats or hazards to its security, availability and integrity, including accidental loss, unauthorized use, access, alteration or disclosure. Licensor will safeguard \u2587\u2587\u2587\u2587\u2587\u2019s Confidential Information with at least the degree of care it uses to protect its own confidential information of a like nature and no less than a reasonable degree of care. Without limitation, Licensor\u2019s policies will require, and the safeguards to be implemented by Licensor, will include at a minimum, but without limitation to, the following:\n1.1 appropriate administrative controls, such as communication of all applicable information security policies, information security and confidentiality training, and assignment of unique access credentials (which shall be revoked upon termination);\n1.2 controls to ensure the physical safety and security of all facilities (including third party locations) where Confidential Information may be processed or stored, including, at a minimum, locked doors and keys/key cards to access any facility and a business continuity plan that is regularly reviewed and updated;\n1.3 controls to limit access to Licensor\u2019s systems and Confidential Information, including a password policy for all Personnel that access Confidential Information and a prohibition on the use of shared credentials for users and/or systems; and\n1.4 regular testing and evaluation of the effectiveness of the safeguards for the protection of Confidential Information.", "size": 14, "snippet_links": [{"key": "licensor-will", "type": "clause", "offset": [0, 13]}, {"key": "consistent-with", "type": "clause", "offset": [15, 30]}, {"key": "industry-standard-practices", "type": "definition", "offset": [31, 58]}, {"key": "to-maintain", "type": "clause", "offset": [107, 118]}, {"key": "the-security", "type": "clause", "offset": [119, 131]}, {"key": "confidentiality-of-confidential-information", "type": "clause", "offset": [136, 179]}, {"key": "information-from", "type": "clause", "offset": [213, 229]}, {"key": "accidental-loss", "type": "definition", "offset": [336, 351]}, {"key": "unauthorized-use", "type": "clause", "offset": [353, 369]}, {"key": "degree-of-care", "type": "clause", "offset": [480, 494]}, {"key": "information-of-a", "type": "clause", "offset": [535, 551]}, {"key": "by-licensor", "type": "clause", "offset": [701, 712]}, {"key": "without-limitation-to", "type": "clause", "offset": [745, 766]}, {"key": "administrative-controls", "type": "definition", "offset": [799, 822]}, {"key": "communication-of", "type": "clause", "offset": [832, 848]}, {"key": "information-security-policies", "type": "definition", "offset": [864, 893]}, {"key": "confidentiality-training", "type": "clause", "offset": [920, 944]}, {"key": "assignment-of", "type": "clause", "offset": [950, 963]}, {"key": "access-credentials", "type": "definition", "offset": [971, 989]}, {"key": "upon-termination", "type": "clause", "offset": [1014, 1030]}, {"key": "to-ensure", "type": "clause", "offset": [1046, 1055]}, {"key": "security-of", "type": "clause", "offset": [1080, 1091]}, {"key": "all-facilities", "type": "clause", "offset": [1092, 1106]}, {"key": "third-party-locations", "type": "definition", "offset": [1118, 1139]}, {"key": "where-confidential-information", "type": "clause", "offset": [1141, 1171]}, {"key": "key-cards", "type": "clause", "offset": [1247, 1256]}, {"key": "business-continuity-plan", "type": "clause", "offset": [1286, 1310]}, {"key": "to-licensor", "type": "definition", "offset": [1380, 1391]}, {"key": "policy-for", "type": "definition", "offset": [1453, 1463]}, {"key": "all-personnel", "type": "clause", "offset": [1464, 1477]}, {"key": "confidential-information-and", "type": "clause", "offset": [1490, 1518]}, {"key": "for-users", "type": "clause", "offset": [1566, 1575]}, {"key": "testing-and-evaluation", "type": "clause", "offset": [1608, 1630]}, {"key": "effectiveness-of-the", "type": "clause", "offset": [1638, 1658]}, {"key": "protection-of-confidential-information", "type": "clause", "offset": [1678, 1716]}], "samples": [{"hash": "kTXnCSphMMp", "uri": "/contracts/kTXnCSphMMp#security-program", "label": "Standard Contract for Aws Marketplace", "score": 33.1330299377, "published": true}, {"hash": "ko2zC2Vvf20", "uri": "/contracts/ko2zC2Vvf20#security-program", "label": "End User License Agreement (Eula)", "score": 31.888004303, "published": true}, {"hash": "7A9fUVWlkHj", "uri": "/contracts/7A9fUVWlkHj#security-program", "label": "Saas Services Agreement", "score": 31.8875274658, "published": true}], "hash": "3363586d0aff3ef3f511b7b181d6d4ca", "id": 6}, {"snippet": "We have implemented and will maintain an information security program that follows generally accepted system security principles embodied in the SOC-2 standard designed to protect the Customer Data as appropriate to the nature and scope of the Services provided. The information security program includes at least the following elements:", "size": 10, "snippet_links": [{"key": "information-security-program", "type": "definition", "offset": [41, 69]}, {"key": "generally-accepted", "type": "definition", "offset": [83, 101]}, {"key": "security-principles", "type": "definition", "offset": [109, 128]}, {"key": "the-customer-data", "type": "clause", "offset": [180, 197]}, {"key": "the-services-provided", "type": "clause", "offset": [240, 261]}, {"key": "the-information", "type": "clause", "offset": [263, 278]}], "samples": [{"hash": "helxJ1KnMXs", "uri": "/contracts/helxJ1KnMXs#security-program", "label": "Data Processing Addendum", "score": 36.429233551, "published": true}, {"hash": "dTYBy92Zwz5", "uri": "/contracts/dTYBy92Zwz5#security-program", "label": "Data Processing Addendum", "score": 36.2168579102, "published": true}, {"hash": "lAbL1Be4prK", "uri": "/contracts/lAbL1Be4prK#security-program", "label": "Data Processing Addendum", "score": 36.1937446594, "published": true}], "hash": "7efffda25c3d183d4340e3f2787d7d46", "id": 8}, {"snippet": "Develop and implement an effective security program for the Project Site, which program shall require the CM/GC and the Trade Contractors to take measures for the protection of their tools, materials, equipment, and structures. As between CM/GC and Owner, CM/GC shall be solely responsible for security against theft of and damage to all tools and equipment of every kind and nature used in connection with the Work, regardless of by whom owned.", "size": 6, "snippet_links": [{"key": "develop-and-implement", "type": "clause", "offset": [0, 21]}, {"key": "the-project-site", "type": "clause", "offset": [56, 72]}, {"key": "require-the", "type": "clause", "offset": [94, 105]}, {"key": "trade-contractors", "type": "definition", "offset": [120, 137]}, {"key": "protection-of", "type": "definition", "offset": [163, 176]}, {"key": "responsible-for", "type": "clause", "offset": [278, 293]}, {"key": "tools-and-equipment", "type": "definition", "offset": [338, 357]}, {"key": "in-connection-with", "type": "clause", "offset": [388, 406]}, {"key": "the-work", "type": "definition", "offset": [407, 415]}], "samples": [{"hash": "hCK02EWimCZ", "uri": "/contracts/hCK02EWimCZ#security-program", "label": "Construction Management Agreement", "score": 31.3390369415, "published": true}, {"hash": "ilDxALkVjCl", "uri": "/contracts/ilDxALkVjCl#security-program", "label": "Construction Management Agreement", "score": 29.9292926788, "published": true}, {"hash": "letx4joTWqV", "uri": "/contracts/letx4joTWqV#security-program", "label": "Construction Management Agreement", "score": 27.7530860901, "published": true}], "hash": "ef168eec532006776660f43e0e1a554e", "id": 10}], "next_curs": "ClkSU2oVc35sYXdpbnNpZGVyY29udHJhY3RzcjULEhZDbGF1c2VTbmlwcGV0R3JvdXBfdjU2IhlzZWN1cml0eS1wcm9ncmFtIzAwMDAwMDBhDKIBAmVuGAAgAA==", "clause": {"size": 369, "children": [["policies-and-procedures", "Policies and Procedures"], ["security-awareness-and-training", "Security Awareness and Training"], ["data-storage-and-backup", "Data Storage and Backup"], ["change-management", "Change Management"], ["", ""]], "title": "Security Program", "parents": [["construction-management-plan", "Construction Management Plan"], ["full-agreement", "Full Agreement"], ["entire-agreement", "Entire Agreement"], ["general-requirements", "General Requirements"], ["definitions", "Definitions"]], "id": "security-program", "related": [["security-protocols", "Security Protocols", "Security Protocols"], ["information-security-program", "Information Security Program", "Information <strong>Security Program</strong>"], ["security-procedure", "Security Procedure", "Security Procedure"], ["security-procedures", "Security Procedures", "Security Procedures"], ["security-plan", "Security Plan", "Security Plan"]], "related_snippets": [], "updated": "2026-03-20T04:26:16+00:00", "also_ask": ["What minimum security standards should be mandated to ensure enforceability?", "How can the clause be negotiated to allocate liability for data breaches?", "What are the most common drafting omissions that weaken this clause?", "How does this clause compare to industry best practices and regulatory requirements?", "What evidence is needed to prove compliance or breach in court?"], "drafting_tip": "Specify minimum security standards to ensure baseline protection, require regular audits to verify compliance, and mandate incident reporting to enable prompt response to breaches.", "explanation": "The Security Program clause establishes the requirement for an organization to implement and maintain a comprehensive set of security measures to protect sensitive data and systems. Typically, this clause outlines the standards or frameworks the organization must follow, such as industry best practices or specific regulatory requirements, and may require regular assessments or audits to ensure compliance. Its core practical function is to mitigate the risk of data breaches and unauthorized access, thereby safeguarding both parties' interests and ensuring trust in the handling of confidential information."}, "json": true, "cursor": ""}}