Information Security Policy Review Sample Clauses

Information Security Policy Review. Cengage reviews its information security policy at least once per year or whenever there are major changes impacting the functionality of Cengage’s information systems.
AutoNDA by SimpleDocs

Related to Information Security Policy Review

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks. (2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program. (3) DTI shall comply with its Information Security Program.

  • Security Policy As part of PCI DSS, the Card Organizations require that you have a security policy that covers the security of credit card information.

  • Security Policies IBM maintains privacy and security policies that are communicated to IBM employees. IBM requires privacy and security training to personnel who support IBM data centers. We have an information security team. IBM security policies and standards are reviewed and re-evaluated annually. IBM security incidents are handled in accordance with a comprehensive incident response procedure.

  • Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC Xxxxx Cyber-safety Policy, UC Xxxxx Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC Xxxxx computing systems and electronic data.

  • Safety Policy The City agrees to maintain in safe working condition all facilities and equipment furnished by the City to carry out the duties of each bargaining unit position, but reserves the right to determine what those facilities and equipment shall be. The Association agrees to work cooperatively in maintaining safety in the Xenia/Xxxxxx Central Communications Center.

  • Personal Information security breach Supplier/Service Provider’s Obligations a) The Supplier/Service Provider shall notify the Information Officer of Transnet, in writing as soon as possible after it becomes aware of or suspects any loss, unauthorised access or unlawful use of any personal data and shall, at its own cost, take all necessary remedial steps to mitigate the extent of the loss or compromise of personal data and to restore the integrity of the affected Goods/Services as quickly as is possible. The Supplier/Service Provider shall also be required to provide Transnet with details of the persons affected by the compromise and the nature and extent of the compromise, including details of the identity of the unauthorised person who may have accessed or acquired the personal data. b) The Supplier/Service Provider shall provide on-going updates on its progress in resolving the compromise at reasonable intervals until such time as the compromise is resolved. c) Where required, the Supplier/Service Provider may be required to notify the South African Police Service; and/or the State Security Agency and where applicable, the relevant regulator and/or the affected persons of the security breach. Any such notification shall always include sufficient information to allow the persons to take protective measures against the potential consequences of the compromise. d) The Supplier/Service Provider undertakes to co‑operate in any investigation relating to security which is carried out by or on behalf of Transnet including providing any information or material in its possession or control and implementing new security measures.

  • Contractor and Employee Security Precautions The security aspects of working at the Correctional Facility are critical. The following security precautions are part of the site conditions and are a part of this Contract. All persons coming on the site in any way connected with this Work shall be made aware of them, and it is the (General) Contractor’s responsibility to check and enforce them.

  • Policy Statement The RSU Award grant the Company is making under the Plan is unilateral and discretionary and, therefore, the Company reserves the absolute right to amend it and discontinue it at any time without any liability. The Company, with registered offices at Xxx Xxxxxx Xxxxxxxxx, #00-00, Xxxxxxxxx 000000, is solely responsible for the administration of the Plan, and participation in the Plan and the grant of the RSU Award do not, in any way, establish an employment relationship between the Participant and the Company since he or she is participating in the Plan on a wholly commercial basis and the sole employer is Availmed Servicios S.A. de C.V., Grupo Flextronics S.A. de C.V., Flextronics Servicios Guadalajara S.A. de C.V., Flextronics Servicios Mexico S. de X.X. de C.V. and Flextronics Aguascalientes Servicios S.A. de C.V., nor does it establish any rights between the Participant and the Employer. Plan Document Acknowledgment. By accepting the RSU Award, the Participant acknowledges that he or she has received copies of the Plan, has reviewed the Plan and the Agreement in their entirety, and fully understands and accepts all provisions of the Plan and the Agreement. In addition, the Participant further acknowledges that he or she has read and specifically and expressly approves the terms and conditions in the Nature of Grant section of the Agreement, in which the following is clearly described and established: (i) participation in the Plan does not constitute an acquired right; (ii) the Plan and participation in the Plan is offered by the Company on a wholly discretionary basis; (iii) participation in the Plan is voluntary; and (iv) the Company and any Parent, Subsidiary or Affiliates are not responsible for any decrease in the value of the Shares acquired upon vesting of the RSU Award. Finally, the Participant hereby declares that he or she does not reserve any action or right to bring any claim against the Company for any compensation or damages as a result of his or her participation in the Plan and therefore grants a full and broad release to the Employer, the Company and any Parent, Subsidiary or Affiliates with respect to any claim that may arise under the Plan.

  • Quality Assurance Program An employee shall be entitled to leave of absence without loss of earnings from her or his regularly scheduled working hours for the purpose of writing examinations required by the College of Nurses of Ontario arising out of the Quality Assurance Program.

  • Drug and Alcohol Policy 67.1 The Parties agree to apply the Drug and Alcohol Management Program (as amended from time to time) contained in Appendix G. 67.2 The Employer may refer an Employee affected by drugs or alcohol to the services provided by Incolink.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!