By registering, you certify that all information you provide, now or in the future, is consistent. investeliteresearch.com reserves the right, in its sole discretion, to deny you access to this website or any portion thereof without notice for the following reasons (a) immediately by investeliteresearch.com for any unauthorized access or use by you (b) immediately by investeliteresearch.com if you assign or transfer (or attempt the same) any rights granted to you under this Agreement; (c) immediately, if you violate any of the other terms and conditions of this User Agreement
I agree to get periodic SMS alerts.
I agree to get periodic newsletters.
Organization information must be protected against unauthorized exposure, tampering, loss and destruction, wherever it is found, in a manner that is consistent with applicable laws and with the information’s significance to the Organization and any individual whose information is collected. Achieving this objective requires that Organization information be segregated into logical collections (e.g., Customer personal documents, employee benefit data, payroll data, personal data regarding, and financial records), and that each collection be associated with an individual known as an “Information Guardian” who must :
The guardian of a logical information collection is typically the head of the department on whose behalf the information is collected or that is most closely associated with such information. Each Information Guardian may designate one or more individuals on his or her staff to perform the above duties. However, the Information Guardian retains ultimate responsibility for their actions.
Office Heads are required to:
Each individual who has access to information owned by or entrusted to the Organization is expected to know and understand its security requirements and to take measures to protect the information in a manner that is consistent with the requirements defined by its Information Guardian, wherever the information is located, i.e.,
activities performed by anyone using that key or identifier. Therefore, each individual must be diligent in protecting his or her physical keys and ID cards against theft, and his or her computer and network accounts against unauthorized use. Passwords created for computer and network accounts should be difficult to guess. Furthermore, passwords should never be shared or recorded and stored in a location that is easily accessible by others. Stolen keys and ID cards, and computer and network accounts suspected of being compromised should be reported to the appropriate authorities immediately. The assignment of a single network or system account to a group of individuals sharing the same password is highly discouraged and may only occur in cases where there is no reasonable, technical alternative.
Identity theft is a serious and growing problem in our society. Anyone who can obtain certain pieces of information about an individual can open credit cards, take out loans, create forged documents or steal assets in the individual’s name. Being sensitive to the identity theft threat, the Organization requires that extra precaution be taken when collecting, using and storing non-public “personally identifiable” information, such as:
Income tax records Collection and use of any of the above pieces of information should be limited to situations where there is legitimate business need and no reasonable alternative. Managers must ensure that their employees understand the need to safeguard this information, and that adequate procedures are in place to minimize this risk. Access to such information may only be granted to authorize individuals on a need to know basis.
sonally Identifying Information All non-public information gathered and maintained by employees of Organization, for the purpose of conducting Organization business, that personally identifies any living or deceased individual –names and other personal information pertaining to individual employees, clients, contractors, subcontractors etc. –is considered “confidential” unless otherwise specified by this document or by the appropriate Information Guardian or designate.
Check that the policy is being implemented (e.g. by conducting periodic audits of data protection procedures) and identify any issues arising.
Direct termination of service if someone is found to be violating the norms