INFORMATION SECURITY GOVERNANCE Sample Clauses

INFORMATION SECURITY GOVERNANCE. 5.1 The Reseller will:
Sample 1
AutoNDA by SimpleDocs
INFORMATION SECURITY GOVERNANCE. Information security management is a critical area that requires central intervention and governance. The Chief Information Security Officer will provide leadership, guidance and direction for enterprise-wide governance of information security management at Manulife Financial. The Information Security Office has the authority to define, and periodically modify information security standards, guidelines and processes, which support this Policy. They form part of the overall INFORMATION SECURITY MANAGEMENT PROGRAM (see the DATABASE) to enable compliance to this Policy. INFORMATION SECURITY MANAGEMENT PROGRAM KEY ELEMENTS OF THE PROGRAM The key elements of the Information Security Management Program are as follows:
Sample 1
INFORMATION SECURITY GOVERNANCE. Empower employs Information Security Governance through its IT Security Board’s implementation of IT control standards and policies such as data classification, security awareness training, risk assessment, and risk analysis to identify the threats, classify assets, and rate their risks so that effective security controls can be implemented. In connection with its Services hereunder and as part of its Information Security Governance, Empower maintains stringent Information Security Policies which mandate the secure protection of Participant data. Empower personnel must complete initial privacy training at the time they are first employed with Empower and annually thereafter. All personnel attest annually to Empower’s Code of Business Conduct and Ethics, which enforces the tenets of the Information Security Policies.
Sample 1
INFORMATION SECURITY GOVERNANCE. Signicat shall have a documented Information Security Management System (ISMS) aligned with ISO 27001:2013 (or subsequent versions), or a set of policies to that effect, and Signicat shall, prior to entering into this Contract and subsequently upon Customer request and reasonable advance notice, provide documentation thereof to the Customer. The ISMS, or set of policies, shall have top level management commitment. Signicat shall have a documented risk management process, with supporting procedures and controls that are effective and operational.
Sample 1
INFORMATION SECURITY GOVERNANCE. As detailed in this Exhibit C, Partner will implement organizational, personnel, physical, and technical measures and controls designed to ensure the security and confidentiality of Personal Information and to prevent accidental, unauthorized, or unlawful destruction, alteration, disclosure, use, or access of Personal Information. Partner is responsible for compliance with the Security Measures by all of Partner’s directors, officers, and employees (“Partner Personnel”).
Sample 1
INFORMATION SECURITY GOVERNANCE. The information security function within Data Importer reports directly to a company executive. • A Security and Privacy Steering Committee made up of representatives from business, information security, and privacy meets regularly to discuss and review information security policies, projects, and practices. • A comprehensive set of information security policies and standards are documented, approved, and regularly reviewed. • Personnel with access to Personal Data are subject to confidentiality obligations.
Sample 1

Related to INFORMATION SECURITY GOVERNANCE

  • Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC Xxxxx Cyber-safety Policy, UC Xxxxx Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC Xxxxx computing systems and electronic data.

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!