Common use of Information Security Management Clause in Contracts

Information Security Management. A. Security Program i. Includes documented policies or standards appropriate to govern the handling of Protected Data in compliance with the Agreement and with applicable law. ii. Is managed by a senior employee responsible for overseeing and implementing the program. iii. Includes administrative, technical, and physical safeguards reasonably designed to protect the confidentiality, integrity, and availability of Protected Data. iv. Is appropriate to the nature, size, and complexity of RingCentral’s business operations. B. Security Policy Management i. Align with information security established industry standards. ii. Are subject to ongoing review. iii. May be revised to reflect changes in industry best practices. C. Risk Management i. Performs cybersecurity risk assessments to identify threats to their business or operations at least annually. ii. Updates RingCentral policies, procedures and standards as needed to address threats to RingCentral’s business or operations.

Information Security Management. A. Security Program i. Includes documented policies or standards appropriate to govern the handling of Protected Data in compliance with the Agreement and with applicable law. ii. Is managed by a bya senior employee responsible for overseeing and implementing the program. iii. Includes administrative, technical, and physical safeguards reasonably designed to protect the confidentiality, integrity, and availability of Protected Data. iv. Is appropriate to the nature, size, and complexity of RingCentralRingCentral ’s business operations. B. Security Policy Management i. Align with information security established industry standards. ii. Are subject to ongoing review. iii. May be revised to reflect changes in industry best practices. C. Risk Management i. Performs cybersecurity risk assessments to identify threats to their business or operations at least annually. ii. Updates RingCentral policies, procedures and standards as needed to address threats to RingCentralRingCentral ’s business or operations.