Information Security Program. (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.
(2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program.
(3) DTI shall comply with its Information Security Program.
Information Security Program. AWS will maintain an information security program (including the adoption and enforcement of internal policies and procedures) designed to (a) help Customer secure Customer Data against accidental or unlawful loss, access or disclosure, (b) identify reasonably foreseeable and internal risks to security and unauthorised access to the AWS Network, and (c) minimise security risks, including through risk assessment and regular testing. AWS will designate one or more employees to coordinate and be accountable for the information security program. The information security program will include the following measures:
Information Security Program. The Plan Processor shall develop and maintain a comprehensive information security program for the Central Repository, to be approved and reviewed at least annually by the Operating Committee, and which contains at a minimum the specific requirements detailed in Appendix D, Data Security.
Information Security Program. TCI shall maintain a comprehensive written information security program that contains administrative, technical, and physical safeguards compliant with applicable law (the “Security Program”) designed to (i) protect the confidentiality, integrity and availability of Customer Information; (ii) protect against anticipated threats or hazards to the security, confidentiality, integrity and/or availability of Customer Information; (iii) protect against any unauthorized access, disclosure or use of Customer Information; (iv) address computer and network security; (v) address physical security; (vi) address business continuity and disaster recovery; (vii) address a security incident response program; and (viii) provide for the secure destruction and disposal of Customer Information. The Security Program shall be updated as required by applicable law and industry best practices.
Information Security Program. AFD, Transfer Agent, CRMC, and the Series through their parent company, The Capital Group Companies, Inc. (“Capital Group”) has adopted and implemented, and maintains, a comprehensive information security program (“AFD, Transfer Agent, CRMC, and the Series’ Information Security Programs”) incorporating administrative, technical, and physical safeguards to reasonably (a) ensure the confidentiality of Personal Information in its possession or control; (b) protect against any anticipated threats or hazards to the security or integrity of Personal Information; (c) protect against unauthorized access to or use of Personal Information, including without limitation programs to train AFD, Transfer Agent, CRMC, and the Series’ personnel and agents in safeguarding the same, (d) prevent the loss, destruction or alteration of the Insurance Company’s Confidential Information, and (e) subject to Section 1.9 below destroy all electronic and hard-copy materials containing the Insurance Company Confidential Information which AFD, Transfer Agent, CRMC, or the Series are permitted or required to destroy hereunder in a safe and secure manner.
Information Security Program a. Ironclad agrees to implement appropriate technical and organizational measures designed to protect Customer Personal Data as required by Applicable Data Protection Law(s) (the “Information Security Program”). Such measures shall be designed to include:
i. Pseudonymisation of Customer Personal Data where appropriate, and encryption of Customer Personal Data in transit and at rest;
ii. The ability to ensure the ongoing confidentiality, integrity, availability of Ironclad’s Processing and Customer Personal Data;
iii. The ability to restore the availability and access to Customer Personal Data in the event of a physical or technical incident;
iv. A process for regularly testing, assessing and evaluating the effectiveness of Ironclad’s Information Security Program to ensure the security of Customer Personal Data from reasonably suspected or actual accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.
Information Security Program. Smartsheet shall maintain a comprehensive written information security program, including policies, standards, procedures, and related documents that establish criteria, means, methods, and measures governing the processing and security of Customer Content and the Smartsheet systems or networks used to process or secure Customer Content in connection with providing the Subscription Service (“Smartsheet Information Systems”).
Information Security Program. SS&C represents, warrants and covenants that it has adopted, implemented and maintains a comprehensive written Information Security Program, under which SS&C documents, implements and maintains the physical, administrative, and technical safeguards reasonably designed and implemented to: (a) comply with U.S. laws applicable to SS&C’s business; and (b) protect the confidentiality, integrity, availability and security of Client Data.
Information Security Program. Agent shall respond to the Funds' reasonable requests for information concerning Agent's information security program and, upon request, will provide a summary of its applicable information security policies and procedures to the Funds. Agent shall notify the Funds of any material changes to its information security program that would materially diminish the current security of Agent's recordkeeping system.
Information Security Program. The Parties warrant and represent that each has adopted and implemented, and covenant that each will maintain, a comprehensive information security program (“The Information Security Programs”) incorporating administrative, technical, and physical safeguards (a) to ensure the confidentiality of Personal Information in its possession or control; (b) to protect against any anticipated threats or hazards to the security or integrity of Personal Information; (c) to protect against unauthorized access to or use of Personal Information, including without limitation programs to train the Parties’ personnel and agents in safeguarding the same, (d) to prevent the loss, destruction or alteration of Confidential Information, and (e) to destroy all electronic and hard-copy materials containing Confidential Information which the Parties are permitted or required to destroy hereunder in a safe and secure manner.
