Security Incident Procedures policies and procedures to detect, respond to, and otherwise address security incidents, including procedures to monitor systems and to detect actual and attempted attacks on or intrusions into Personal Data or information systems relating thereto, and procedures to identify and respond to suspected or known security incidents, mitigate harmful effects of security incidents, and document security incidents and their outcomes.
Security Incident Procedures. A security incident response plan that includes procedures to be followed in the event of any Security Breach. Such procedures include:
Security Incident Procedures. A security incident response plan that includes procedures to be followed in the event of any security breach of any application or system directly associated with the accessing, processing, storage or transmission of Covered Data.
Security Incident Procedures. In the event that Service Provider becomes aware of or suspects a Security Incident, Service Provider shall:
Security Incident Procedures policies and procedures to detect, respond to, and otherwise address security incidents, including procedures to monitor systems and to detect actual and attempted attacks on or intrusions into Personal Data or information systems relating thereto, and procedures to identify and respond to suspected or known security incidents, mitigate harmful effects of security incidents, and document security incidents and their outcomes. VMT shall also designate a security official responsible for the development, implementation and maintenance of all the safeguards in this Schedule.
Security Incident Procedures. GLMX represents and warrants that its security program contains a security incident response plan that includes procedures to be followed in the event of any Security Breach or any breach of any application or system directly associated with the accessing, processing, storage, communication or transmission of Confidential Information.
Security Incident Procedures. A security incident response plan that includes procedures to be followed in the event of any Security Breach. Such procedures include: • Roles and responsibilities: formation of an internal incident response team with a response leader; • Investigation: assessing the risk the incident poses and determining who may be affected; • Communication: internal reporting as well as a notification process in the event of unauthorized disclosure of Customer Data; • Recordkeeping: keeping a record of what was done and by whom to help in later analysis and possible legal action; and Conduct Root Cause Analysis
Security Incident Procedures. (a) Implement policies and procedures to address security incidents.
Security Incident Procedures. Processor has policies and procedures to detect, respond to, and otherwise address Security Incidents (as defined below), including procedures to monitor systems and to detect actual and attempted attacks on or intrusions into Personal Data or information systems relating thereto, and procedures to identify and respond to suspected or known Security Incidents, mitigate harmful effects of Security Incidents, and document Security Incidents and their outcomes.
Security Incident Procedures policies and procedures to detect, respond to, and otherwise address security incidents, including procedures to monitor systems and to detect actual and attempted attacks on or intrusions into Customer Data or information systems relating thereto, and procedures to identify and respond to validated security incidents, mitigate harmful effects of security incidents, and document security incidents and their outcomes. Contingency Planning – policies and procedures for responding to an emergency or other occurrence (for example, fire, vandalism, system failure, and natural disaster) that damages Customer Data or systems that contain Customer Data, including a data backup plan and a disaster recovery plan. Device and Media Controls – policies and procedures that govern the receipt and removal of hardware and electronic media that contain Customer Data into and out of a Vendor data center, and the movement of these items within a Vendor data center, including policies and procedures to address the final disposition of Customer Data. Audit controls – hardware, software, and/or procedural mechanisms that record activity in information systems that contain or use Customer Data. Data Integrity – policies and procedures to guard against the unauthorized disclosure, improper alteration, or unauthorized destruction of Customer Data. Transmission Security – encryption of electronic information while in transit to guard against unauthorized access to Customer Data that is being transmitted over public communications networks. Secure Disposal – policies and procedures regarding the disposal of Customer Data, taking into account available technology that can be used to sanitize storage media such that stored data cannot be practicably read or reconstructed. Testing – Vendor shall regularly test the key controls, systems and procedures of its Information Security Program to verify that they are properly implemented and effective in addressing the threats and risks identified. Tests will be conducted or reviewed in accordance with recognized industry standards (e.g. ISO27001 or SSAE18 and their successor audit standards, or similar industry recognized security audit standards). Adjust the Program – Vendor shall monitor, evaluate, and adjust, as it deems necessary, the Information Security Program in light of any relevant changes in technology or industry security standards, the sensitivity of Customer Data, and internal or external threats to Open LMS or the Customer Data.
