Security Questionnaires Clause Samples

Security Questionnaires. In addition to the annual review of audit reports, FBL may no more than once every twelve months, distribute questionnaires to Service Provider to inquire about control procedures, security activities, or internal policies and standards. Service Provider shall take reasonable steps upon receipt of any questionnaire to provide a complete and timely response

Security Questionnaires. Upon written request, and no more frequently than annually, Polygon will complete a written data security questionnaire of reasonable scope and duration regarding Polygon’s business practices and data technology environment. Polygon’s responses to the security questionnaire are Polygon’s confidential data. Polygon implements measures for ensuring system configuration, including default configuration measures for internal IT and IT security governance. Polygon relies on deployment automation tools to deploy infrastructure and system configuration. These automation tools leverage infrastructure configurations that are managed through code that flows through Polygon’s change control processes. Polygon’s change management processes require formal code reviews and two-party approvals prior to the release to production. Polygon uses monitoring tools to monitor production infrastructure for changes from known configuration baselines. Polygon implements and maintains data retention policies and procedures related to Personal Data and reviews these policies and procedures as appropriate.