Browse
Search
2020-887-E Economic Dev - Submittable Holdings Inc grant management software
OrangeCountyNC
>
Board of County Commissioners
>
Contracts and Agreements
>
General Contracts and Agreements
>
2020's
>
2020
>
2020-887-E Economic Dev - Submittable Holdings Inc grant management software
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
3/1/2021 4:33:23 PM
Creation date
3/1/2021 4:09:58 PM
Metadata
Fields
Template:
Contract
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
60
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
DocuSign Envelope ID:90A54439-23B9-40AF-8246-BFCAAEAA529D <br /> APPENDIX B <br /> Security Measures <br /> REQUIRED TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES: <br /> • ORGANIZATIONAL MEASURES <br /> • Submittable has appointed one or more security officers responsible for coordinating and <br /> monitoring the security rules and procedures. <br /> • Submittable personnel with access to Personal Information are subject to confidentiality <br /> obligations. <br /> • Submittable has performed a risk assessment before processing Personal Information. <br /> • Submittable has implemented and maintained an information security program that establishes <br /> roles and responsibilities for information security, and supports the confidentiality, integrity, and <br /> availability of information systems operated by Submittable and its subcontractors. <br /> • Submittable has implemented and maintained information security policies that define <br /> requirements for acceptable use, access control, application, and system development, passwords, <br /> remote access, information classification, operational security, workstation security, network <br /> security, media handling and disposal, mobile computing, and physical security. <br /> • Submittable has implemented and maintained a governance framework with supporting risk <br /> management policies that will enable risk identification, analysis, and mitigation. <br /> • Submittable conducts data security training annually for all employees. <br /> • PHYSICAL ACCESS CONTROLS <br /> • Entry for secure areas are controlled by security personnel, identification badges, and/or electronic <br /> key cards. <br /> • All physical access is logged. <br /> • Physical access logs are reviewed monthly for unusual activity. <br /> • SYSTEM ACCESS CONTROLS <br /> • System access is based on the principle of least privilege, i.e., Submittable restricts access to <br /> personal information to only those individuals who require such access to perform their job <br /> function. <br /> • System access is revoked immediately upon termination. <br /> • Management conducts quarterly review of accounts, system access, and permission levels <br /> • DATA ACCESS CONTROLS <br /> • Data access is based on the principle of least privilege, i.e., Submittable restricts access to personal <br /> information to only those individuals who require such access to perform their job function. <br /> • Data access is revoked immediately upon termination. <br /> • Management reviews access to personal information, on a monthly basis. <br /> • Submittable uses industry standard practices to identify and authenticate users who attempt to <br /> access information systems. <br /> Submittable Customer Terms of Service v1.1—Exhibit B,Appendix B Page 1 of 2 <br />
The URL can be used to link to this page
Your browser does not support the video tag.