Information Security Policies and Procedures Sample Clauses

Information Security Policies and Procedures. Axis will maintain information security policies and procedures designated to (i) help secure Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access when transmitted, stored or otherwise processed, (ii) identify reasonably foreseeable and internal risks to security and unauthorized access to the Services, and (iii) minimize security risks, including through risk assessment and regular testing.
Sample 1Sample 2Sample 3See All (12)
Information Security Policies and Procedures. Third Party/Supplier must have and comply with documented information security polices, standards and procedures to establish its control environment related to the protection of confidentiality, integrity and availability of Information. Policies and procedures must be reviewed, updated, and approved by senior management on an annual basis. If the use of personal devices to access Information or systems is allowed by Third Party/Supplier, a “bring your own device” policy must be implemented.
Sample 1
Information Security Policies and Procedures. Each of Participant and Program Administrator, on behalf of the Funding Providers, agrees that it has developed, implemented and will maintain at all relevant times contemplated by this Agreement effective information security policies and procedures that include administrative, technical and physical safeguards designed to (a) ensure the security and confidentiality of Customer Information, (b) protect against anticipated threats or hazards to the security or integrity of Customer Information, (c) protect against unauthorized access or use of Customer Information, (d) ensure the proper disposal of Customer Information, and
Sample 1

Related to Information Security Policies and Procedures

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks. (2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program. (3) DTI shall comply with its Information Security Program.