Page 60 - Ipsos
P. 60

Information Classification: Internal Use
                                                                      Ipsos Book of Policies & Procedures


                   Appendix 1 - Definitions and Abbreviations

                  Access  -  Defined  as  the  ability  and  means  necessary  to  store  data  in,  to  retrieve  data  from,  to
                  communicate with, or to make use of any resource of a system.

                  Annual  Review  -  Means  the  annual  review  undertaken  by  Global  Information  Security,  Group
                                       rd
                  Internal Audit and any 3  party auditors specified by Ipsos following an annual worldwide audit, for
                  the on-going-implementation, evaluation and  necessary update of this policy and the scheduled
                  annexed  herewith,  in  line  with  changes  in  the  relevant  legislation  technological  evolution  and
                  business practice.


                   Asset - Anything that has value to the organization (e.g. Information, Hardware; Software; DBs
                   and Files)

                   Asset Owner - The person that has approved management responsibility (Department Director /
                   Manager or other persons designated by the Department Manager/Director) for controlling the
                   production, development, maintenance, use and security of the asset.
                   Authorized  Persons  -  Defined  as  people  who  have  established  a  need  and  received  the
                   necessary authorization for access company assets.


                   Client Information - Refers to all information that may identify a client and is protected under a
                   non-disclosure  agreement.  Examples  of  such  information  may  include,  without  limitation,
                   contracts,  research  presentations  and  results,  briefs,  Ad  Tests,  and  any  client  information
                   contained in proposals, questionnaires and screeners

                   Corporate Documents - Means Documents owned and possessed by the Company (whether
                   created or received).

                   Custodian  -  The  person  or  group  responsible  for  control  and  protection  of  the  Asset,  who
                   implement the appropriate level of physical access security and logical access security for those
                   authorized  to  access  the  system  and  to  maintain  records  of  access  privileges  (e.g.  DB
                   Administrator)

                   Information Availability - The property of being accessible and usable upon demand by an
                   authorized entity. Each Asset Owner must assess the availability requirements to adapt the level
                   of security.

                   Information Confidentiality - The property that information is not made available or disclosed to
                   unauthorized individuals, entities, or processes. Each Asset Owner must assess the degree of
                   confidentiality to adapt the level of security.

                   Information Integrity - The property of safeguarding the accuracy and completeness of assets.
                   Each Asset Owner must assess the degree of integrity to adapt the level of security.
                   Information Technology Resources - Defined as computers, telecommunication equipment,
                   networks, automated data processing, databases, the Internet, printing, management information
                   systems, and related information, equipment, goods, and services




                                                   Page 20 of 22
   55   56   57   58   59   60   61   62   63   64   65