Information Security Management System Sample Clauses

Information Security Management System. 1. A general security policy has been developed, along with specific security policies regarding organization security, information security, IT system security and security of people and property, all of them defining the basic objectives of the actions related to implementation of the policies. 2. General and specific security standards have been defined that implement the assumptions of the security policies in terms of information security, IT system security, and security of people and property. 3. Specific procedures and operating instructions have been developed for the implementation of the security standards in terms of information security, IT system security, and security of people and property. 4. The policies, standards, procedures, and instructions are subject to periodic reviews and revisions, to be approved by the Company’s top management. 5. A system to monitor changes in personal data processing legislation has been developed and put in place, and the continuity of its operations has been ensured.
AutoNDA by SimpleDocs
Information Security Management System. Box will maintain throughout the Term of the Agreement a comprehensive information security management system (the “ISMS”) which includes administrative, technical and physical safeguards designed to: (a) protect and secure Content from unauthorized access, use or disclosure; and (b) protect against anticipated threats or hazards to the security or integrity of Customer’s Content. The ISMS will be documented and kept current by Box based on changes to industry standard information security practices and legal and regulatory requirements applicable to Box.
Information Security Management System. Processes for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures in order to ensure the security of the processing
Information Security Management System. 2.1. Xxxx & Xxxxxx’x Information Security Polices set a clear direction for Information Security and demonstrate support for, and commitment to the management of Information Security throughout the company. 2.2. Information Security is managed through a stringent set of controls, including policies, processes, procedures, software, and hardware functions that constitute Xxxx & Xxxxxx’x Information Security Management System (ISMS). These controls are monitored, reviewed and, where necessary, improved to ensure that specific security and business objectives are met. 2.3. All Staff receive a comprehensive and mandatory induction and training programme on joining the company and an annual compliance refresher including Information Security and data protection. 2.4. The ultimate responsibility for Information Security lies with the Group Chief Information Officer but this responsibility is discharged through the designated role of Head of Information Security, who has primary responsibility for Information Security, Information Security risk and security incident management within Xxxx & Xxxxxx and acts as the central point of contact for Information Security for both Staff and external organisations. 2.5. Heads of Departments are responsible for enforcing Information Security Policies within their business areas and for adherence by their Staff. All Staff have a responsibility for Information Security; ensuring that they follow relevant company policies, processes, and procedures; have a general awareness of importance of Information Security and the potential risks; reporting any incidents, events, or potential weaknesses.
Information Security Management System. 8.10.1 Critical The Service Provider must develop and maintain an Information Security Management System (ISMS) and ensure alignment of their technical controls with both the Cyber Essentials scheme and the specific Census technical security controls.
Information Security Management System. Cloudinary has an ISMS (Information Security Management System) in place to evaluate risks to the security of data, to manage the assessment and treatment of these risks and to continually improve its information security. It includes all aspects of the company – people, processes, and systems – by applying a risk-based approach. Cloudinary ISMS has been inspired and based upon industry best practices, frameworks and standards such as ISO/IEC 27001:2013.
Information Security Management System. Cohesity implements an Information Security Management System (“ISMS”) that establishes security controls to meet its objectives. The ISMS is aligned to ISO 27001 and the NIST CyberSecurity Framework. The ISMS policy and associated controls are reviewed no less than once per annum.
AutoNDA by SimpleDocs
Information Security Management System. In carrying out the Works, the Contractor may be required to comply with Sarawak Energy's information security management system ("ISMS") requirements as may be notified by Sarawak Energy to the Contractor from time to time. Such requirements may include the vetting of those personnel required to work within identified restricted access zones across Sarawak Energy's generation, transmission and distribution assets, including any related IT networks and services. Subject to Sarawak Energy's specific ISMS requirements, the Contractor may also be required to establish its own procedures and protocol with respect to the security of any third party software required to be installed within Sarawak Energy's network.
Information Security Management System. Provider will maintain and continually make improvements to a documented information security management system in accordance with standard practices and accepted frameworks in Provider’s industry for the delivery of Services which its personnel are to be made aware of and comply with (“Information Security Management System”).

Related to Information Security Management System

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks. (2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program. (3) DTI shall comply with its Information Security Program.

  • Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC Xxxxx Cyber-safety Policy, UC Xxxxx Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC Xxxxx computing systems and electronic data.

  • Information Management Information and Records

  • Cash Management System Each Borrower shall, and shall cause its Subsidiaries to, establish and maintain the Cash Management Systems described below:

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!