Information Security Manager definition

Information Security Manager means the person appointed by the Contractor with the appropriate experience, authority and expertise to ensure that the Contractor complies with the Authority’s Security Requirements.
Information Security Manager means the person appointed by the Supplier with the appropriate experience, authority and expertise to ensure that the Supplier complies with the Authority’s Security Requirements. “Information Security Management” shall mean the set of policies, processes and systems designed, implemented and maintained by the Supplier to manage Information Security Risk as certified by ISO/IEC 27001.
Information Security Manager means the person appointed by the Supplier with the appropriate experience, authority and expertise to ensure that the Supplier complies with the Buyer’s Security Requirements. “Information Security Management System (“ISMS”)” shall mean the set of policies, processes and systems designed, implemented and maintained by the Supplier to manage Information Security Risk as specified by ISO/IEC 27001. “Information Security Questionnaire” shall mean the Buyer’s set of questions used to audit and on an ongoing basis assure the Supplier’s compliance with the Buyer’s Security Requirements. “Information Security Risk” shall mean any risk that might adversely affect Information Security including, but not limited to, a Breach of Security. “ISO/IEC 27001, ISO/IEC 27002 and ISO 22301” shall mean a) ISO/IEC 27001; b) ISO/IEC 27002/IEC; and c) ISO 22301 in each case as most recently published by the International Organization for Standardization or its successor entity (the “ISO”) or the relevant successor or replacement information security standard which is formally recommended by the ISO. “NCSC” shall mean the National Cyber Security Centre or its successor entity (where applicable). “Penetration Test” shall mean a simulated attack on any Buyer assets, the Buyer’s systems environment (or any part thereof) or the Supplier’s systems environment (or any part thereof). “PCI DSS” shall mean the Payment Card Industry Data Security Standard as most recently published by the PCI Security Standards Council, LLC or its successor entity (the “PCI”). “Risk Profile” shall mean a description of any set of risks. The set of risks can contain those that relate to a whole organisation, part of an organisation or as otherwise applicable. “Security Test” shall include, but not be limited to, Penetration Test, Vulnerability Scan, Availability Test and any other security related test and audit.
“Tigerscheme” shall mean a scheme for authorised penetration tests which scheme is managed by USW Commercial Services Ltd. “Vulnerability Scan” shall mean an ongoing activity to identify any potential vulnerability in any Buyer assets, the Buyer’s systems environment (or any part thereof) or the Supplier’s systems environment (or any part thereof).

Examples of Information Security Manager in a sentence

  • The Contractor shall notify the Authority of the identity of the Information Security Manager on the Commencement Date and, where applicable, within 5 Working Days following any change in the identity of the Information Security Manager.


More Definitions of Information Security Manager

Information Security Manager means the person appointed by the Contractor with the appropriate experience, authority and expertise to ensure that the Contractor complies with the Authority’s Security Requirements. “Information Security Management System (“ISMS”)” shall mean the set of policies, processes and systems designed, implemented and maintained by the Contractor to manage Information Security Risk as specified by ISO/IEC 27001. “Information Security Questionnaire” shall mean the Authority’s set of questions used to audit and on an ongoing basis assure the Contractor’s compliance with the Authority’s Security Requirements.
Information Security Manager means the person appointed by the Contractor with the appropriate experience, authority and expertise to ensure that the Contractor complies with the Authority’s Security Requirements. “Information Security Management System (“ISMS”)” shall mean the set of policies, processes and systems designed, implemented and maintained by the Contractor to manage Information Security Risk as specified by ISO/IEC 27001. “Information Security Questionnaire” shall mean the Authority’s set of questions used to audit and on an ongoing basis assure the Contractor’s compliance with the Authority’s Security Requirements. “Information Security Risk” shall mean any risk that might adversely affect Information Security including, but not limited to, a Breach of Security. “ISO/IEC 27001, ISO/IEC 27002 and ISO 22301” shall mean a) ISO/IEC 27001; b) ISO/IEC 27002/IEC; and c) ISO 22301 in each case as most recently published by the International Organization for Standardization or its successor entity (the “ISO”) or the relevant successor or replacement information security standard which is formally recommended by the ISO.
Information Security Manager means the person appointed by the Supplier with the appropriate experience, authority and expertise to ensure that the Supplier complies with the Buyer’s Security Requirements. “Information Security Management System (“ISMS”)” shall mean the set of policies, processes and systems designed, implemented and maintained by the Supplier to manage applicable Information Security Risk as certified by ISO/IEC 27001. “Information Security Questionnaire” shall mean the Buyer’s set of questions used to audit and on an ongoing basis assure the Supplier’s compliance with the Buyer’s Security Requirements, provided however, in the event there are no material changes to the Supplier’s environment, the Buyer may rely on a previously completed questionnaire or the Supplier shall provide a Cloud Security Alliance questionnaire or a Standard Information Gathering Questionnaire (SIG). “Information Security Risk” shall mean any risk that might adversely affect Information Security including, but not limited to, a Breach of Security. “ISAE 3402” shall mean the International Standard on Assurance Engagements No. 3402 (ISAE) as most recently published by the International Auditing and Assurance Standards Board or its successor entity (“IAASB”) or the relevant successor or replacement standard which is formally recommended by the IAASB. “ISO/IEC 27001, ISO/IEC 27002 and ISO 22301” shall mean: (a) ISO/IEC 27001; (b) ISO/IEC 27002/IEC; and (c) ISO 22301, in each case as most recently published by the International Organization for Standardization or its successor entity (the “ISO”) or the relevant successor or replacement information security standard which is formally recommended by the ISO. “NCSC” shall mean the National Cyber Security Centre or its successor entity (where applicable).
“Penetration Test” shall mean a simulated attack on any Buyer Assets, the Buyer’s Systems Environment (or any part thereof) or the Supplier’s Systems Environment (or any part thereof). “Risk Profile” shall mean a description of any set of risks. The set of risks can contain those that relate to a whole organisation, part of an organisation or as otherwise applicable. “Security Policies” shall mean the Buyer’s Security Policies published by the Buyer from time to time and shall include any successor, replacement or additional Security Policies. The Security Policies are set out in Annex A to this Schedule 8. “Security Policies and Standards” shall mean the Security Policies and the Security Standards. “...

Related to Information Security Manager

  • Information Security shall have the same meanings as the terms “information technology” and “information security”, respectively, in §24-37.5-102, C.R.S. Capitalized terms used herein and not otherwise defined herein or in the HIPAA Rules shall have the meanings ascribed to them in the Contract.

  • Information Security Program means the administrative, technical, and physical safeguards that a licensee uses to access, collect, distribute, process, protect, store, use, transmit, dispose of, or otherwise handle nonpublic information.