Access Control Requirements Sample Clauses

Access Control Requirements. Access to information and technology must be authorized only by * . • Access to information and technology must be on a need-to-know, job function basis. Users must only have the minimum access rights and privileges needed to perform a particular function or transaction. • Access rights specified by an individual User * . • At least annually, a review of User access rights to information and technology must be conducted by the Information Protection Group. Review of this information must be conducted by the business process owner with oversight by the IPG. • At least semi-annually, a review of User access to information and technology identified as High Risk in the Risk Assessment Process must be conducted by the Information Protection Group. • Access must be controlled to restricted information including: • Security commands, programs, utilities, and databases; • Program libraries; • Job or process execution statement files; • User authorization profiles; • Accountability tracking logs; and • Backup files containing any of the above. • * • Access to system documentation, e.g., application documentation, User manuals, etc., must be restricted on a need-to-know, job function basis. • The development, implementation, and maintenance of application software must be approved by the Business Owner, and must be in compliance with the MSB, as well as, the American Express Application Development Standard. • All purchased, commercial software must be approved by the Business Owner, and be licensed and implemented in such a way as to be in compliance with the MSB, as well as, any applicable American Express Global Technology Standards. • The Business Unit Manager must notify the Information Protection Group immediately upon transfer, change of job responsibilities, or leave of absence of a User (employee or third-party). • When the Information Protection Group is notified that a User has transferred, changed job responsibilities, or taken a leave of absence, the Information Protection Group must immediately take steps to ensure that the User’s access privileges are revoked if those privileges no longer apply. • The Business Unit Manager must immediately notify the Information Protection Group upon termination of a User, i.e., an employee or third party. When the Information Protection Group is notified of a user termination, the Information Protection Group must take immediate action to revoke the User’s access privileges. • Virus prevention technology, (e.g., viru...
Sample 1
AutoNDA by SimpleDocs
Access Control Requirements. Access to information and technology must be authorized only by * . • Access to information and technology must be * . • Access rights specified by an individual User * . • At least * , a review of User access rights to information and technology must be conducted by the * . Review of this information must be conducted by the business process owner with oversight by the * . • At least * , a review of User access to * . • Access must be controlled to restricted information including: * * • Access to system documentation, * . • The development, implementation, and maintenance of application software must be * . • All purchased, commercial software must be * . • * . • When the * . • The Business Unit Manager must immediately notify the * • * .
Sample 1
Access Control Requirements 
Sample 1

Related to Access Control Requirements

  • Personnel Requirements a. The CONTRACTOR shall secure, at the CONTRACTOR'S own expense, all personnel required to perform this Contract. b. The CONTRACTOR shall ensure that the CONTRACTOR'S employees or agents are experienced and fully qualified to engage in the activities and perform the services required under this Contract, and that all applicable licensing and operating requirements imposed or required under federal, state, or county law, and all applicable accreditation and other standards of quality generally accepted in the field of the activities of such employees and agents are complied with and satisfied.

  • Access Requirements You will be responsible for providing the System to enable you to use an Electronic Service.

  • Functional Requirements Applications must implement controls that protect against known vulnerabilities and threats, including Open Web Application Security Project (OWASP) Top 10 Risks and denial of service (DDOS) attacks.

  • General Requirements The Contractor hereby agrees:

  • Accessibility Requirements Under Tex. Gov’t Code Chapter 2054, Subchapter M, and implementing rules of the Texas Department of Information Resources, the System Agency must procure Products and services that comply with the Accessibility Standards when those Products are available in the commercial marketplace or when those Products are developed in response to a procurement solicitation. Accordingly, Grantee must provide electronic and information resources and associated Product documentation and technical support that comply with the Accessibility Standards.

  • Access Controls The system providing access to PHI COUNTY discloses to 20 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY 21 must use role based access controls for all user authentications, enforcing the principle of least privilege.

  • Operational Requirements 4 At-Sea Monitors are deployed, in accordance with coverage rates developed by 5 NMFS and as assigned through the Pre-Trip Notification System (PTNS), to 6 vessels. Due to availability of funding, changes in the fishery management, 7 such as emergency closures, court ordered closures, weather, and unforeseen 8 events must remain flexible. Additional funding for sea days may be added to 9 the contract within the scope and maximum allowable sea days. 10 The following items define the operational services to be provided by the 11 contractor under this contract.

  • Additional Requirements As a condition precedent to the execution and Delivery, the registration of issuance, transfer, split-up, combination or surrender, of any ADS, the delivery of any distribution thereon, or the withdrawal of any Deposited Property, the Depositary or the Custodian may require (i) payment from the depositor of Shares or presenter of ADSs or of an ADR of a sum sufficient to reimburse it for any tax or other governmental charge and any stock transfer or registration fee with respect thereto (including any such tax or charge and fee with respect to Shares being deposited or withdrawn) and payment of any applicable fees and charges of the Depositary as provided in Section 5.9 and Exhibit B, (ii) the production of proof reasonably satisfactory to it as to the identity and genuineness of any signature or any other matter contemplated by Section 3.1, and (iii) compliance with (A) any laws or governmental regulations relating to the execution and Delivery of ADRs or ADSs or to the withdrawal of Deposited Securities and (B) such reasonable regulations as the Depositary and the Company may establish consistent with the provisions of the representative ADR, if applicable, the Deposit Agreement and applicable law.

  • Access Control Supplier will maintain an appropriate access control policy that is designed to restrict access to Accenture Data and Supplier assets to authorized Personnel. Supplier will require that all accounts have complex passwords that contain letters, numbers, and special characters, be changed at least every 90 days, and have a minimum length of 8 characters.

  • Collateral Requirements All amounts deposited or invested with financial institutions in excess of any insurance limit shall be collateralized in accordance with the Public Funds Investment Act, 30 ILCS 235/. The Superintendent or designee shall keep the Board informed of collateral agreements.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!