Information Security Management. Cengage has established a Security Organization, led by the company’s Chief Security Officer and staffed with dedicated security personnel. This organization is independent from the various divisions or business units that manage and operate IT systems within the company. The Security Organization consists of cross-divisional security teams leveraging a multi-disciplinary approach to compliance with cyber and information security standards, operational risk management, client security management, workforce protection and business resilience. Roles and responsibilities have been formally defined in writing for all members of the security team.
Information Security Management. IPSX has utilised the Cyber Essentials certification to assess and develop its cyber security measures and adheres to industry standards in this respect. IPSX has a Patch Management Policy and deploys security patch updates to external software components in a scheduled manner. Unsupported software is removed and software installation is monitored. Clearly defined starter, leaver and mover processes are in place and are adhered to. Anti-malware software is installed on all relevant devices.
Information Security Management. 15.1 The Provider shall provide the Administering Authority with either:
15.1.1 such evidence as the Administering Authority may reasonably require that the Provider has been certified and continues to be certified ISO 27001 Information Security Management compliant; or
15.1.2 a valid Cyber Essentials Scheme Basic Certificate, as a condition for the award of a contract(s) under this DPS Agreement.
15.2 Where the Provider continues to process Cyber Essentials Scheme Data during the Term or the contract period of any Contract the Provider shall deliver to the Administering Authority evidence of renewal of a valid Cyber Essentials Scheme Basic Certificate on each anniversary of the first applicable certificate obtained by the Provider under Clause 15.1 (Information Security Management).
15.3 In the event that the Provider fails to comply with Clauses 15.1 or 15.2 (Information Security Management), the Administering Authority reserves the right to terminate this DPS Agreement for material Default.
Information Security Management. The Contractor shall take all reasonable measures necessary to comply with the provisions of the International Standard ISO27001, “The Code of Practice for Information Security Management”, in connection with the provision of the Services.
Information Security Management iManage has appointed one or more security officers responsible for coordinating and monitoring security rules and procedures. iManage maintains an information security program designed to protect Customer Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. The information security program may be updated from time to time based on changes in applicable legal and regulatory requirements, best practices and industry standards related to privacy and data security.
Information Security Management. 3.1 The Supplier shall ensure that:-
(a) the roles and responsibilities for information security management are formally identified and documented;
(b) there is a formal documented approach to risk management;
(c) it carries out regular (and no less than once per annum) a risk assessment of the Services being supplied to CLIENT; and
(d) it has a documented process for resolving security related complaints.
3.2 The Supplier shall appoint an individual (or appropriate group), to co-ordinate and manage the information security programme within their organisation and in accordance with their information security policy.
3.3 The Supplier agrees that any system or process used by the Supplier for (but not limited to) gathering, storing, processing or transmitting End User Data shall be security assessed and it agrees that:
(a) if any vulnerabilities that pose a risk to any End User Data are discovered during any risk assessment, it shall rectify such vulnerabilities to CLIENT’s sole satisfaction in the time period agreed by the parties and at the Supplier’s cost; and
3.4 If it cannot rectify the vulnerability in the system or process as set out in paragraph 3.3(a) above, CLIENT shall have the right to terminate this Agreement with immediate effect by notice in writing to the Supplier. On receipt of CLIENT’s notice to terminate the Supplier shall refund CLIENT any fees or charges paid in advance for Services not yet received. In relation to any vulnerabilities mentioned in clause
Information Security Management. Leya uses an Information Security Management System (ISMS) certified under ISO/IEC 27001 as the basis for all security measures and Leya is currently ongoing the certification and internal audit to receive the certificate. The ISO/IEC 27001 standard provides guidelines and general principles for planning, implementing, maintaining, and improving information security in an organization.
Information Security Management. LogicMonitor shall maintain throughout the Term of the Agreement formal information security management program designed to protect the confidentiality, integrity and availability of Customer Data. The program shall be documented and updated based on changes in applicable legal and regulatory requirements related to privacy and data security practices and industry standards.
Information Security Management. The purpose of the information security management practice is to protect the information the organization needs to conduct business. This includes understanding and managing risks to the confidentiality, integrity, and availability of information, as well as other aspects of information security such as authentication (ensuring someone is who he claims to be) and non- repudiation (ensuring that someone cannot deny to have taken an action). 🠦 TrustBuilder has the necessary procedures in place with respect to the protection of the information in the Customer’s environment: - Data processing agreement; - GDPR register of data, privacy policies…; - Confidentiality clause with the staff. Our Software has been designed according to the principle of privacy by design, and is compliant with GDPR, including consent management verification. Specific security services include: - Internal security review after all changes; - Continuous vulnerability assessment of the production environment using automated tools; - Notification of significant security incidents to the Customer security team. Additional security measures include: - Follow-up and fixes of Customer or third-party penetration testing (lead by the Customer)
Information Security Management iManage maintains an information security program designed to protect Customer Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. The information security program may be updated from time to time based on changes in applicable legal and regulatory requirements, best practices and industry standards related to privacy and data security.
