Information Security Risk Assessment Sample Clauses

Information Security Risk Assessment. Newsela periodically conducts an accurate and thorough external assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of electronic, paper, or other records containing PII maintained by Newsela; reports such risks as promptly as possible to Newsela's Security Officer or other official within Newsela designated to be responsible for data privacy and security compliance; and implements security measures sufficient to reduce identified risks and vulnerabilities. Such measures are implemented based on the level of risks, capabilities, and operating requirements. These measures must include as appropriate and reasonable the following safeguards: 1. Administrative Safeguards i. Discipline: ▇▇▇▇▇▇▇ enacts appropriate discipline with respect to employees who fail to comply with Newsela security policies and procedures.