Common use of Security Governance Clause in Contracts

Security Governance. Zapier maintains an information security program (including the adoption and enforcement of internal policies and procedures) designed to: (a) help our customers secure their data processed using Zapier’s online product against accidental or unlawful loss, access, or disclosure, (b) identify reasonably foreseeable and internal risks to security and unauthorised access to the Zapier online product, and (c) minimise security risks, including through risk assessment and regular testing. Xxxxxx’s head of security coordinates and is primarily responsible for the company’s information security program. The team covers the following core functions: • Application security (secure development, security feature design, the Security Champions program, and secure development training) • Infrastructure security (data centers, cloud security, and strong authentication) • Monitoring and incident response (cloud native and custom) • Vulnerability management (vulnerability scanning and resolution) • Compliance and technical privacy • Security awareness (onboarding training and awareness campaigns)

Security Governance. Zapier maintains an information security program (including the adoption and enforcement of internal policies and procedures) designed to: (a) help our customers secure their data processed using Zapier’s online product against accidental or unlawful loss, access, or disclosure, (b) identify reasonably foreseeable and internal risks to security and unauthorised access to the Zapier online product, and (c) minimise security risks, including through risk assessment and regular testing. XxxxxxZapier’s head of security coordinates and is primarily responsible for the company’s information security program. The team covers the following core functions: • Application security (secure development, security feature design, the Security Champions program, and secure development training) • Infrastructure security (data centers, cloud security, and strong authentication) • Monitoring and incident response (cloud native and custom) • Vulnerability management (vulnerability scanning and resolution) • Compliance and technical privacy • Security awareness (onboarding training and awareness campaigns)