Risk Assessments a. Risk Assessment - DST shall, at least annually, perform risk assessments that are designed to identify material threats (both internal and external) against Fund Data, the likelihood of those threats Schedule 10.2 p.2 occurring and the impact of those threats upon DST organization to evaluate and analyze the appropriate level of information security safeguards (“Risk Assessments”).
b. Risk Mitigation - DST shall use commercially reasonable efforts to manage, control and remediate threats identified in the Risk Assessments that it believes are likely to result in material unauthorized access, copying, use, processing, disclosure, alteration, transfer, loss or destruction of Fund Data, consistent with the Objective, and commensurate with the sensitivity of the Fund Data and the complexity and scope of the activities of DST pursuant to the Agreement.
c. Security Controls Testing - DST shall, on approximately an annual basis, engage an independent external party to conduct a review (including information security) of DST’s systems that are related to the provision of services. DST shall have a process to review and evaluate high risk findings resulting from this testing.
Risk Assessment An assessment of any risks inherent in the work requirements and actions to mitigate these risks.
Conformity Assessment Procedures 1. Each Party shall give positive consideration to accepting the results of conformity assessment procedures of other Parties, even where those procedures differ from its own, provided it is satisfied that those procedures offer an assurance of conformity with applicable technical regulations or standards equivalent to its own procedures.
2. Each Party shall seek to enhance the acceptance of the results of conformity assessment procedures conducted in the territories of other Parties with a view to increasing efficiency, avoiding duplication and ensuring cost effectiveness of the conformity assessments. In this regard, each Party may choose, depending on the situation of the Party and the specific sectors involved, a broad range of approaches. These may include but are not limited to:
(a) recognition by a Party of the results of conformity assessments performed in the territory of another Party;
(b) recognition of co-operative arrangements between accreditation bodies in the territories of the Parties;
(c) mutual recognition of conformity assessment procedures conducted by bodies located in the territory of each Party;
(d) accreditation of conformity assessment bodies in the territory of another Party;
(e) use of existing regional and international multilateral recognition agreements and arrangements;
(f) designating conformity assessment bodies located in the territory of another Party to perform conformity assessment; and
(g) suppliers’ declaration of conformity.
3. Each Party shall exchange information with other Parties on its experience in the development and application of the approaches in Paragraph 2(a) to (g) and other appropriate approaches with a view to facilitating the acceptance of the results of conformity assessment procedures.
4. A Party shall, upon request of another Party, explain its reasons for not accepting the results of any conformity assessment procedure performed in the territory of that other Party.
Grievance Commissioner System This is to confirm the discussion of the parties during collective bargaining that they are committed to encouraging early discussion and resolution of labour relations issues at the local level and seek to resolve grievances in a timely and cost efficient manner. To that end, this is to confirm that pursuant to Article 8, the parties agree that the Employer and Union at individual nursing homes may agree to utilize the following process in order to resolve a particular grievance through the utilization of a joint mediation-arbitration procedure:
Time Limits to Present Initial Grievance An employee who wishes to present a grievance at Step 2 of the grievance procedure, in the manner prescribed in Clause 8.4, must do so no later than 30 days after the date:
(a) on which they were notified orally or in writing, of the action or circumstances giving rise to the grievance;
(b) on which they first became aware of the action or circumstances giving rise to the grievance.
Joint Funded Project with the Ohio Department of Transportation In the event that the Recipient does not have contracting authority over project engineering, construction, or right-of-way, the Recipient and the OPWC hereby assign certain responsibilities to the Ohio Department of Transportation, an authorized representative of the State of Ohio. Notwithstanding Sections 4, 6(a), 6(b), 6(c), and 7 of the Project Agreement, Recipient hereby acknowledges that upon notification by the Ohio Department of Transportation, all payments for eligible project costs will be disbursed by the Grantor directly to the Ohio Department of Transportation. A Memorandum of Funds issued by the Ohio Department of Transportation shall be used to certify the estimated project costs. Upon receipt of a Memorandum of Funds from the Ohio Department of Transportation, the OPWC shall transfer funds directly to the Ohio Department of Transportation via an Intra- State Transfer Voucher. The amount or amounts transferred shall be determined by applying the Participation Percentages defined in Appendix D to those eligible project costs within the Memorandum of Funds. In the event that the Project Scope is for right-of-way only, notwithstanding Appendix D, the OPWC shall pay for 100% of the right-of-way costs not to exceed the total financial assistance provided in Appendix C.
Statewide HUB Program Statewide Procurement Division Note: In order for State agencies and institutions of higher education (universities) to be credited for utilizing this business as a HUB, they must award payment under the Certificate/VID Number identified above. Agencies, universities and prime contractors are encouraged to verify the company’s HUB certification prior to issuing a notice of award by accessing the Internet (xxxxx://xxxxx.xxx.xxxxx.xx.xx/tpasscmblsearch/index.jsp) or by contacting
Data Protection Impact Assessment If, pursuant to Data Protection Law, Customer (or its Controllers) are required to perform a data protection impact assessment or prior consultation with a regulator, at Customer’s request, SAP will provide such documents as are generally available for the Cloud Service (for example, this DPA, the Agreement, audit reports or certifications). Any additional assistance shall be mutually agreed between the Parties.
CERTIFICATION REGARDING BOYCOTTING CERTAIN ENERGY COMPANIES (Texas law as of September 1, 2021) By submitting a proposal to this Solicitation, you certify that you agree, when it is applicable, to the following required by Texas law as of September 1, 2021: If (a) company is not a sole proprietorship; (b) company has ten (10) or more full-time employees; and (c) this contract has a value of $100,000 or more that is to be paid wholly or partly from public funds, the following certification shall apply; otherwise, this certification is not required. Pursuant to Tex. Gov’t Code Ch. 2274 of SB 13 (87th session), the company hereby certifies and verifies that the company, or any wholly owned subsidiary, majority-owned subsidiary, parent company, or affiliate of these entities or business associations, if any, does not boycott energy companies and will not boycott energy companies during the term of the contract. For purposes of this contract, the term “company” shall mean an organization, association, corporation, partnership, joint venture, limited partnership, limited liability partnership, or limited liability company, that exists to make a profit. The term “boycott energy company” shall mean “without an ordinary business purpose, refusing to deal with, terminating business activities with, or otherwise taking any action intended to penalize, inflict economic harm on, or limit commercial relations with a company because the company (a) engages in the exploration, production, utilization, transportation, sale, or manufacturing of fossil fuel-based energy and does not commit or pledge to meet environmental standards beyond applicable federal and state law, or (b) does business with a company described by paragraph (a).” See Tex. Gov’t Code § 809.001(1).
Data Protection Impact Assessment and Prior Consultation Processor shall provide reasonable assistance to the Company with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Company reasonably considers to be required by article 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law, in each case solely in relation to Processing of Company Personal Data by, and taking into account the nature of the Processing and information available to, the Contracted Processors.
