Information Security Reviews. The Provider’s approach to managing information security and its implementation (i.e., control objectives, controls, policies, processes, and procedures for information security) shall be reviewed independently at planned intervals or when significant changes occur.
Appears in 2 contracts