INFORMATION SECURITY GOVERNANCE Sample Clauses

INFORMATION SECURITY GOVERNANCE. The information security function within Data Importer reports directly to a company executive. • A Security and Privacy Steering Committee made up of representatives from business, information security, and privacy meets regularly to discuss and review information security policies, projects, and practices. • A comprehensive set of information security policies and standards are documented, approved, and regularly reviewed. • Personnel with access to Personal Data are subject to confidentiality obligations.
Sample 1
AutoNDA by SimpleDocs
INFORMATION SECURITY GOVERNANCE. Signicat shall have a documented Information Security Management System (ISMS) aligned with ISO 27001:2013 (or subsequent versions), or a set of policies to that effect, and Signicat shall, prior to entering into this Contract and subsequently upon Customer request and reasonable advance notice, provide documentation thereof to the Customer. The ISMS, or set of policies, shall have top level management commitment. Signicat shall have a documented risk management process, with supporting procedures and controls that are effective and operational.
Sample 1
INFORMATION SECURITY GOVERNANCE. Empower employs Information Security Governance through its IT Security Board’s implementation of IT control standards and policies such as data classification, security awareness training, risk assessment, and risk analysis to identify the threats, classify assets, and rate their risks so that effective security controls can be implemented. In connection with its Services hereunder and as part of its Information Security Governance, Empower maintains stringent Information Security Policies which mandate the secure protection of Participant data. Empower personnel must complete initial privacy training at the time they are first employed with Empower and annually thereafter. All personnel attest annually to Empower’s Code of Business Conduct and Ethics, which enforces the tenets of the Information Security Policies.
Sample 1
INFORMATION SECURITY GOVERNANCE. 5.1 The Reseller will: 5.1.1 document its Information Security Management Framework, which shall be approved and endorsed by senior management; 5.1.2 ensure that information security roles and responsibilities are defined and allocated; 5.1.3 have in place or access to a specialist information security function, which has responsibility for integrating information security consistently into its business and IT function(s). The information security function shall be represented at a senior level within its organisation; 5.1.4 ensure that conflicting duties and areas of responsibility are segregated to reduce opportunities for unauthorised or unintentional modification or misuse of information assets; 5.1.5 ensure that information security is addressed in project management, regardless of the type of project; and 5.1.6 ensure that, in meeting each requirement and obligation set out in this Agreement, do so in a manner consistent with Good Industry Practice, including the selection, implementation and operation of available and proven security technologies, processes and procedures.
Sample 1
INFORMATION SECURITY GOVERNANCE. Information security management is a critical area that requires central intervention and governance. The Chief Information Security Officer will provide leadership, guidance and direction for enterprise-wide governance of information security management at Manulife Financial. The Information Security Office has the authority to define, and periodically modify information security standards, guidelines and processes, which support this Policy. They form part of the overall INFORMATION SECURITY MANAGEMENT PROGRAM (see the DATABASE) to enable compliance to this Policy. INFORMATION SECURITY MANAGEMENT PROGRAM KEY ELEMENTS OF THE PROGRAM The key elements of the Information Security Management Program are as follows:
Sample 1
INFORMATION SECURITY GOVERNANCE. As detailed in this Exhibit C, Partner will implement organizational, personnel, physical, and technical measures and controls designed to ensure the security and confidentiality of Personal Information and to prevent accidental, unauthorized, or unlawful destruction, alteration, disclosure, use, or access of Personal Information. Partner is responsible for compliance with the Security Measures by all of Partner’s directors, officers, and employees (“Partner Personnel”).
Sample 1

Related to INFORMATION SECURITY GOVERNANCE

  • Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC Xxxxx Cyber-safety Policy, UC Xxxxx Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC Xxxxx computing systems and electronic data.

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks. (2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program. (3) DTI shall comply with its Information Security Program.

  • Electronic and Information Resources Accessibility and Security Standards a. Applicability: The following Electronic and Information Resources (“EIR”) requirements apply to the Contract because the Grantee performs services that include EIR that the System Agency's employees are required or permitted to access or members of the public are required or permitted to access. This Section does not apply to incidental uses of EIR in the performance of the Agreement, unless the Parties agree that the EIR will become property of the State of Texas or will be used by HHSC’s clients or recipients after completion of the Agreement. Nothing in this section is intended to prescribe the use of particular designs or technologies or to prevent the use of alternative technologies, provided they result in substantially equivalent or greater access to and use of a Product.

  • Securities Law Information The Participant acknowledges that he or she is permitted to sell the Shares acquired under the Plan through the designated broker appointed by the Company, provided the sale of the Shares takes place outside of Canada through facilities of a stock exchange on which the Shares are listed (i.e., the NYSE).

  • Experts, Advisers and Agents The Trustee may: (a) employ or retain and act and rely on the opinion or advice of or information obtained from any solicitor, auditor, valuer, engineer, surveyor, appraiser or other expert, whether obtained by the Trustee or by the Corporation, or otherwise, and shall not be liable for acting, or refusing to act, in good faith on any such opinion or advice and may pay proper and reasonable compensation for all such legal and other advice or assistance as aforesaid; and (b) employ such agents and other assistants as it may reasonably require for the proper discharge of its duties hereunder, and may pay reasonable remuneration for all services performed for it (and shall be entitled to receive reasonable remuneration for all services performed by it) in the discharge of the trusts hereof and compensation for all disbursements, costs and expenses made or incurred by it in the discharge of its duties hereunder and in the management of the trusts hereof and any solicitors employed or consulted by the Trustee may, but need not be, solicitors for the Corporation.

  • INFORMATION OF THE PARTIES Information of the Company Information of the Lessees

  • Personal Information security breach Supplier/Service Provider’s Obligations a) The Supplier/Service Provider shall notify the Information Officer of Transnet, in writing as soon as possible after it becomes aware of or suspects any loss, unauthorised access or unlawful use of any personal data and shall, at its own cost, take all necessary remedial steps to mitigate the extent of the loss or compromise of personal data and to restore the integrity of the affected Goods/Services as quickly as is possible. The Supplier/Service Provider shall also be required to provide Transnet with details of the persons affected by the compromise and the nature and extent of the compromise, including details of the identity of the unauthorised person who may have accessed or acquired the personal data. b) The Supplier/Service Provider shall provide on-going updates on its progress in resolving the compromise at reasonable intervals until such time as the compromise is resolved. c) Where required, the Supplier/Service Provider may be required to notify the South African Police Service; and/or the State Security Agency and where applicable, the relevant regulator and/or the affected persons of the security breach. Any such notification shall always include sufficient information to allow the persons to take protective measures against the potential consequences of the compromise. d) The Supplier/Service Provider undertakes to co‑operate in any investigation relating to security which is carried out by or on behalf of Transnet including providing any information or material in its possession or control and implementing new security measures.

  • Membership Information The District shall take all reasonable and lawful steps to safeguard the privacy of CSEA members’ personal information, including but not limited to members Social Security Numbers, personal addresses, personal phone number, personal cellular phone number and status as a union member. The District shall take all reasonable and lawful steps to protect employees personal information in response to Public Records Act requests. The District shall use its best efforts to filter out outsiders’ emails to work email address that interfere with and/or disrupt employees work.

  • COMPLIANCE WITH NEW YORK STATE INFORMATION SECURITY BREACH AND NOTIFICATION ACT Contractor shall comply with the provisions of the New York State Information Security Breach and Notification Act (General Business Law Section 899-aa; State Technology Law Section 208).

  • KYC Information (i) Upon the reasonable request of the Lender made at least 1 day prior to the Closing Date, the Borrower shall have provided to the Lender the documentation and other information so requested in connection with applicable “know your customer” and anti-money-laundering rules and regulations, including the PATRIOT Act, in each case at least five days prior to the Closing Date. (ii) [reserved].

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!