Information Security Policies. And Guidelines For Access To Computers, Networks and Information By Non-Employee Personnel:
Information Security Policies. 1.3.1. The Company shall have a defined and documented information security management system including an information security policy and procedures in place, which shall be approved by Company’s management. They shall be published within Company´s organization and communicated to relevant Company personnel.
Information Security Policies. With respect to any information systems you use to store or process PII, you are responsible for ensuring that the owner(s) and operator(s) of such information systems implement and maintain policies and procedures that address the following areas:
Information Security Policies. Sumo Logic will implement, maintain, and adhere to its internal information security and privacy policies that address the roles and responsibilities of Sumo Logic ’s personnel, including both technical and non-technical personnel, who have direct or indirect access to Your Data in connection with providing the Services. All Sumo Logic personnel with access to Your Data will receive annual training on Sumo Logic ’s ISMP.
Information Security Policies. A. Contractor must have, and upon request by the DOE shall promptly provide the DOE with copies of its, information security policies that cover the following elements:
Information Security Policies. As part of the ISMS, Box will implement, maintain, and adhere to its internal information security and privacy policies that address the roles and responsibilities of Box Personnel, including both technical and non-technical Box Personnel, who have direct or indirect access to Content in connection with providing the Box Service. Box’s information security policies provide for continual assessment and re-assessment of the risks to the security of the Box Service, including: (a) identification of internal and external threats that could result in a Security Breach (as defined below); (b) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of Content; and (c) assessment of the sufficiency of the policies, procedures and information systems of Box, and other arrangements in place, to control risks. Additionally, Box’s information security policies address appropriate protection against such risks. Box’s information security policies shall, at a minimum, include:
Information Security Policies. Administrator will implement, maintain and periodically review (no less frequently than annually) written policies and procedures that address the following areas:
Information Security Policies. The Data Recipient must have in place and adhere to internal information security and privacy policies that address the roles and responsibilities of the Data Recipient's personnel, including both technical and non-technical personnel, who have direct or indirect access to the Data. These internal security and privacy policies must, at a minimum, include: security policy; organization of information security; asset management; human resources security; physical and environment security; communications and operations management; access control; information systems procurement, development and maintenance; information security incident management; business continuity management; and compliance.
Information Security Policies. Processor has written policies describing the technical and organizational measures implemented for information security. The security policies consider the real risks the Personal Data are exposed to. They include a description of how to manage security incidents, a description of the awareness-raising process for the policies within the organization and a description of the various responsibilities and organizational rules. The security policies have been approved by the relevant persons in the organization and have been adequately disseminated within the organization. A reassessment of these technical and organizational measures is performed on a regular basis in order to ensure that the goals and the measures taken remain up-to-date so that improvements can be made if necessary. Security controls are updated in the event of any reorganization or modification of infrastructure. The security policies will be adapted where necessary as a result of modifications or reassessment. Xxxxxxxxx has appointed a Chief Information Security Officer, who oversees the implementation of the security policies. The Chief Information Security Officer possesses the necessary competences, is adequately trained and will not be able to discharge any function or take up any responsibility that is incompatible with that of a Chief Information Security Officer.
Information Security Policies. 14.1 Vendor has documented and published a set of information security policies that are aligned to industry best practices and standards for information security and reviewed periodically. Those policies address the following:
