Organizational Controls. Genesys operates a comprehensive set of organizational and administrative controls to protect the security and privacy posture of Genesys.
Organizational Controls. The RRC will develop, adopt, and implement organizational controls. Compliance with the organization's articles, bylaws, code of conduct, and policies and procedures for the BoD, TAC, AFC, RRC staff, and members will be mandatory. Requirements for the RRC not specifically stated in this MOU will be detailed in the written control documents mentioned and include but not be limited to the following:
Organizational Controls. Box will implement the following suitable measures to maintain its internal organization in a manner that meets the requirements of ISMS:
Organizational Controls. The Corporation will control hazards in the environment by putting into place a number of administrative controls, as follows: a)
Organizational Controls. Work processes typically maintain appropriate “separation of duties” to protect against one employee subverting internal controls.
Organizational Controls. Policies are distributed to new employees as part of onboarding, reviewed throughout the year as part of ongoing risk assessment and updated according to business/technology changes when appropriate. Updated versions are published at least annually and distributed to employees for acknowledgement.
Organizational Controls. Cheetah will maintain a comprehensive information security program that contains administrative, technical, and physical safeguards appropriate to the complexity, nature, and scope of its activities, and the sensitivity of its information assets. Such safeguards will include the elements set forth below and will be reasonably designed to:
(a) Achieve the security and confidentiality of Customer Data;
(b) Protect against any anticipated threats or hazards to the security or integrity of Customer Data;
(c) Protect against unauthorized access to or use of Customer Data that could result in substantial harm or inconvenience to Customer; and
(d) Provide reasonable assurances to Customer of the ongoing effectiveness of controls.
Organizational Controls. We create a culture of sensitivity around data and security by doing the following:
1. We collect only the minimum data necessary to deliver our services.
2. We ask every employee to make a commitment to protect the secrecy of all internal and customer data.
3. As part of employee onboarding, we ask every employee to read our security policies.
4. As part of employee onboarding, we educate employees about relevant regulations.
5. All critical customer data is stored on systems that have built-in replication, or if necessary, we provide that replication.
6. We maintain a public Google Doc, Gruntwork Security Best Practices, and share it with all employees, customers, and the general public.
7. We conduct a periodic review with our legal team to ensure we are in compliance with all laws and regulations that may apply to us.
8. We have controls in place to maintain the confidentiality of customer information. All Gruntwork employees and contract personnel are bound by Gruntwork’s internal policies regarding maintaining confidentiality of customer information and contractually commit to these obligations.
