Security Assessment If Accenture reasonably determines, or in good faith believes, that Supplier’s security practices or procedures do not meet Supplier’s obligations under the Agreement, then Accenture will notify Supplier of the deficiencies. Supplier will without unreasonable delay: (i) correct such deficiencies at its own expense; (ii) permit Accenture, or its duly authorized representatives, to assess Supplier’s security-related activities that are relevant to the Agreement; and (iii) timely complete a security questionnaire from Accenture on a periodic basis upon Accenture’s request. Security issues identified by Accenture will be assigned risk ratings and an agreed-to timeframe to remediate. Supplier will remediate all the security issues identified within the agreed to timeframes. Upon Supplier’s failure to remediate any high or medium rated security issues within the stated timeframes, Accenture may terminate the Agreement in accordance with Section 8 above.
Risk Assessments a. Risk Assessment - DST shall, at least annually, perform risk assessments that are designed to identify material threats (both internal and external) against Fund Data, the likelihood of those threats Schedule 10.2 p.2 occurring and the impact of those threats upon DST organization to evaluate and analyze the appropriate level of information security safeguards (“Risk Assessments”). b. Risk Mitigation - DST shall use commercially reasonable efforts to manage, control and remediate threats identified in the Risk Assessments that it believes are likely to result in material unauthorized access, copying, use, processing, disclosure, alteration, transfer, loss or destruction of Fund Data, consistent with the Objective, and commensurate with the sensitivity of the Fund Data and the complexity and scope of the activities of DST pursuant to the Agreement. c. Security Controls Testing - DST shall, on approximately an annual basis, engage an independent external party to conduct a review (including information security) of DST’s systems that are related to the provision of services. DST shall have a process to review and evaluate high risk findings resulting from this testing.
Needs Assessment 1. The Contractor shall conduct a cultural and linguistic group-needs assessment of the eligible client population in the Contractor’s service area to assess the language needs of the population and determine what reasonable steps are necessary to ensure meaningful access to services and activities to eligible individuals. [22 CCR 98310, 98314] The group-needs assessment shall take into account the following four (4) factors: a. Number or proportion of persons with Limited English Proficiency (LEP) eligible to be served or encountered by the program. b. Frequency with which LEP individuals come in contact with the program. c. Nature and importance of the services provided. d. Local or frequently used resources available to the Contractor. This group-needs assessment will serve as the basis for the Contractor’s determination of “reasonable steps” and provide documentary evidence of compliance with Cal. Gov. Code § 11135 et seq.; 2 CCR 11140, 2 CCR 11200 et seq., and 22 CCR98300 et seq. 2. The Contractor shall prepare and make available a report of the findings of the group-needs assessment that summarizes: a. Methodologies used. b. The linguistic and cultural needs of non-English speaking or LEP groups. c. Services proposed to address the needs identified and a timeline for implementation. [22 CCR 98310] 3. The Contractor shall maintain a record of the group-needs assessment on file at the Contractor’s headquarters at all times during the term of this Agreement. [22 CCR 98310, 98313]
