Administrative Controls. The Contractor must have the following controls in place: a. A documented security policy governing the secure use of its computer network and systems, and which defines sanctions that may be applied to Contractor staff for violating that policy. b. If the Data shared under this agreement is classified as Category 4, the Contractor must be aware of and compliant with the applicable legal or regulatory requirements for that Category 4 Data. c. If Confidential Information shared under this agreement is classified as Category 4, the Contractor must have a documented risk assessment for the system(s) housing the Category 4 Data.
Appears in 113 contracts
Samples: Services Agreement, It Services Contract, Master Subscription Agreement
Administrative Controls. The Contractor must have the following controls in place:
a. A documented security policy governing the secure use of its computer network and systems, and which defines sanctions that may be applied to Contractor staff for violating that policy.
b. If the Data shared under this agreement is classified as Category 44 data, the Contractor must be aware of and compliant with the applicable legal or regulatory requirements for that Category 4 Data.
c. If Confidential Information shared under this agreement is classified as Category 44 data, the Contractor must have a documented risk assessment for the system(s) housing the Category 4 Data.
Appears in 24 contracts
Samples: County Program Agreement, County Program Agreement, County Program Agreement
Administrative Controls. The Contractor must have the following controls in place:
a. A documented security policy governing the secure use of its computer network and systems, and which defines sanctions that may be applied to Contractor staff for violating that policy.and
b. If the Data shared under this agreement is classified as Category 4, the Contractor must be aware of and compliant with the applicable legal or regulatory requirements for that Category 4 Data.
c. If Confidential Information shared under this agreement is classified as Category 4, the Contractor must have a documented risk assessment for the system(s) housing the Category 4 Data.
Appears in 12 contracts
Samples: It Services Contract, It Services Contract, It Services Contract
Administrative Controls. The Contractor must have the following controls in place:
a. 1. A documented security policy governing the secure use of its computer network and systems, and which defines sanctions that may be applied to Contractor staff for violating that policy.
b. 2. If the Data shared under this agreement is classified as Category 44 data, the Contractor must be aware of and compliant with the applicable legal or regulatory requirements for that Category 4 Data.
c. 3. If Confidential Information shared under this agreement is classified as Category 44 data, the Contractor must have a documented risk assessment for the system(s) housing the Category 4 Data.
Appears in 8 contracts
Samples: Professional Services, Professional Services, Professional Services Contract
Administrative Controls. The Contractor must have the following controls in place:
a. A documented security policy governing the secure use of its computer network and systems, and which defines sanctions that may be applied to Contractor staff for violating that policy.and
b. If the Data shared under this agreement is classified as Category 4, the Contractor must be aware of and compliant with the applicable legal or regulatory requirements for that Category 4 Data.
c. If Confidential Information shared under this agreement is classified as Category 4, the Contractor must have a documented risk assessment for the Contractor system(s) housing the Category 4 Data.
Appears in 1 contract
Samples: It Services Contract
