Information Security Management Framework Sample Clauses

Information Security Management Framework. Management of Information Security will be maintained to initiate and control the implementation of IT security measures within the organization in accordance with business requirements and relevant laws and regulations. The Director of Finance and Administration will maintain the IT security management framework, assign security roles and co-ordinate and review the implementation of information security across the College. Once a set of policies is defined they are to be submitted to the Policy Committee for review and to participate in the policy review and approval cycle. Once approved, the policies are published and communicated to employees and any relevant external parties that may be impacted by the change. This process would also occur with the review cycle timelines established by the Policy Committee. The criteria used during this evaluation includes current business requirements, risk assessments, relevant laws and regulations, and data risk assignment with high and low risk areas being clearly identified. The College’s IT Coordinator will be responsible and accountable for ensuring that the appropriate information security controls are implemented within the organization’s information systems. The management, development, review, and evaluation of IT security framework will be reviewed by the IT Coordinator and Director of Finance and Administration annually unless significant changes have occurred that would impact current policies. Examples that would initiate the review process include changes to the organizational environment, business circumstances, legal conditions, or technical environment within the College. This will ensure their continuing suitability, adequacy, and effectiveness of the information and the security measures in place. As part of the security within the College, local authorities (i.e. Law enforcement, Fire Department, etc.) as well as any external third parties (i.e. Support services, vendors, etc.) will be contacted to take action when required as outlined in the IT Disaster Recovery Plan (DRP) and the College Emergency Response Plan (ERP). These contacts and their associated information must be continually maintained to ensure business continuity and is a large part of the contingency planning process, and are to be reviewed on an ongoing basis. The IT Department as well as the supervisory staff within the College will be responsible for reviewing regulatory and legislative compliance with information processing and ...
Sample 1
AutoNDA by SimpleDocs

Related to Information Security Management Framework

  • Security Management The Contractor shall comply with the requirements of the DOD 5200.1-M and the DD Form 254. Security of the Contractor’s electronic media shall be in accordance with the above documents. Effective Program Security shall require the Contractor to address Information Security and Operations Security enabled by the Security Classification Guides. The Contractor’s facility must be able to handle and store material up to the Classification Level as referenced in Attachment J-01, DD Form 254.

  • Monitoring and Management Information C10.1 The Contractor shall comply with the monitoring arrangements set out in the Monitoring Schedule including, but not limited to, providing such data and information as the Contractor may be required to produce under the Contract.

  • Information Management Information and Records

  • PROCUREMENT LOBBYING To the extent this agreement is a "procurement contract" as defined by State Finance Law Sections 139-j and 139-k, by signing this agreement the contractor certifies and affirms that all disclosures made in accordance with State Finance Law Sections 139-j and 139-k are complete, true and accurate. In the event such certification is found to be intentionally false or intentionally incomplete, the State may terminate the agreement by providing written notification to the Contractor in accordance with the terms of the agreement.

  • Financial Management System Subrecipient shall establish and maintain a sound financial management system, based upon generally accepted accounting principles. Contractor’s system shall provide fiscal control and accounting procedures that will include the following:

  • Patch Management All workstations, laptops and other systems that process and/or 20 store PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or 21 transmits on behalf of COUNTY must have critical security patches applied, with system reboot if 22 necessary. There must be a documented patch management process which determines installation 23 timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable 24 patches must be installed within thirty (30) calendar or business days of vendor release. Applications 25 and systems that cannot be patched due to operational reasons must have compensatory controls 26 implemented to minimize risk, where possible.

  • Monitoring Services IDT staff shall, using methods that include face-to-face and other contacts with the member, monitor the services a member receives. This monitoring shall ensure that:

  • Workload Management 11.1 The parties to this Agreement acknowledge that employees and management have a responsibility to maintain a balanced workload and recognise the adverse affects that excessive workloads may have on employee/s and the quality of resident/client care.

  • Project Management Project Management Institute (PMI) certified project manager executing any or all of the following: • Development of Project Charter • Development of project plan and schedule • Coordination and scheduling of project activities across customer and functional areas • Consultation on operational and infrastructure requirements, standards and configurations • Facilitate project status meetings • Timely project status reporting • Address project issues with functional areas and management • Escalation of significant issues to customers and executive management • Manage project scope and deliverable requirements • Document changes to project scope and schedule • Facilitate and document project closeout

  • Traffic Management The Customer will not utilize the Services in a manner which, in the view of the Centre Operator, significantly distorts traffic balance on the Centre Operator’s circuits which are shared with other users. If, in the reasonable view of the Centre Operator, the Customer’s traffic patterns cause or may cause such distortion, the Customer should have a dedicated circuit capability. If the Customer declines to do so then the Centre Operator may suspend the Services while the matter is being resolved. If there is no resolution within 5 business days then either party may terminate the Agreement.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!