Risk Assessment An assessment of any risks inherent in the work requirements and actions to mitigate these risks.
Periodic Risk Assessment Provider further acknowledges and agrees to conduct periodic risk assessments and remediate any identified security and privacy vulnerabilities in a timely manner.
Audit and Testing 4.1 The Contractor shall conduct tests of the processes and countermeasures contained in the Security Plan ("Security Tests") on an annual basis or as otherwise agreed by the Parties. The date, timing, content and conduct of such Security Tests shall be agreed in advance with the Authority. 4.2 The Authority shall be entitled to send a representative to witness the conduct of the Security Tests. The Contractor shall provide the Authority with the results of such tests (in a form approved by the Authority in advance) as soon as practicable after completion of each Security Test. 4.3 Without prejudice to any other right of audit or access granted to the Authority pursuant to this Contract, the Authority shall be entitled at any time and without giving notice to the Contractor to carry out such tests (including penetration tests) as it may deem necessary in relation to the Security Plan and the Contractor's compliance with and implementation of the Security Plan. The Authority may notify the Contractor of the results of such tests after completion of each such test. Security Tests shall be designed and implemented so as to minimise the impact on the delivery Services. If such tests impact adversely on its ability to deliver the Services to the agreed Service Levels, the Contractor shall be granted relief against any resultant under-performance for the period of the tests. 4.4 Where any Security Test carried out pursuant to paragraphs 4.2 or 4.3 above reveals any actual or potential security failure or weaknesses, the Contractor shall promptly notify the Authority of any changes to the Security Plan (and the implementation thereof) which the Contractor proposes to make in order to correct such failure or weakness. Subject to the Authority's approval in accordance with paragraph 3.12, the Contractor shall implement such changes to the Security Plan in accordance with the timetable agreed with the Authority or, otherwise, as soon as reasonably possible. For the avoidance of doubt, where the change to the Security Plan to address a non-compliance with the Security Policy or security requirements, the change to the Security Plan shall be at no additional cost to the Authority. For the purposes of this paragraph 4, a weakness means a vulnerability in security and a potential security failure means a possible breach of the Security Plan or security requirements.
Risk Assessments a. Risk Assessment - DST shall, at least annually, perform risk assessments that are designed to identify material threats (both internal and external) against Fund Data, the likelihood of those threats Schedule 10.2 p.2 occurring and the impact of those threats upon DST organization to evaluate and analyze the appropriate level of information security safeguards (“Risk Assessments”). b. Risk Mitigation - DST shall use commercially reasonable efforts to manage, control and remediate threats identified in the Risk Assessments that it believes are likely to result in material unauthorized access, copying, use, processing, disclosure, alteration, transfer, loss or destruction of Fund Data, consistent with the Objective, and commensurate with the sensitivity of the Fund Data and the complexity and scope of the activities of DST pursuant to the Agreement. c. Security Controls Testing - DST shall, on approximately an annual basis, engage an independent external party to conduct a review (including information security) of DST’s systems that are related to the provision of services. DST shall have a process to review and evaluate high risk findings resulting from this testing.
Conformity Assessment Procedures 1. Each Party shall give positive consideration to accepting the results of conformity assessment procedures of other Parties, even where those procedures differ from its own, provided it is satisfied that those procedures offer an assurance of conformity with applicable technical regulations or standards equivalent to its own procedures. 2. Each Party shall seek to enhance the acceptance of the results of conformity assessment procedures conducted in the territories of other Parties with a view to increasing efficiency, avoiding duplication and ensuring cost effectiveness of the conformity assessments. In this regard, each Party may choose, depending on the situation of the Party and the specific sectors involved, a broad range of approaches. These may include but are not limited to: (a) recognition by a Party of the results of conformity assessments performed in the territory of another Party; (b) recognition of co-operative arrangements between accreditation bodies in the territories of the Parties; (c) mutual recognition of conformity assessment procedures conducted by bodies located in the territory of each Party; (d) accreditation of conformity assessment bodies in the territory of another Party; (e) use of existing regional and international multilateral recognition agreements and arrangements; (f) designating conformity assessment bodies located in the territory of another Party to perform conformity assessment; and (g) suppliers’ declaration of conformity. 3. Each Party shall exchange information with other Parties on its experience in the development and application of the approaches in Paragraph 2(a) to (g) and other appropriate approaches with a view to facilitating the acceptance of the results of conformity assessment procedures. 4. A Party shall, upon request of another Party, explain its reasons for not accepting the results of any conformity assessment procedure performed in the territory of that other Party.
Project Monitoring Reporting and Evaluation The Recipient shall furnish to the Association each Project Report not later than forty-five (45) days after the end of each calendar semester, covering the calendar semester.
Reverse Engineering The Customer must not reverse assemble or reverse compile or directly or indirectly allow or cause a third party to reverse assemble or reverse compile the whole or any part of the software or any products supplied as a part of the Licensed System.
Joint Assessment If the Premises are not separately assessed, Lessee's liability shall be an equitable proportion of the Real Property Taxes for all of the land and improvements included within the tax parcel assessed, such proportion to be conclusively determined by Lessor from the respective valuations assigned in the assessor's work sheets or such other information as may be reasonably available.
Geotechnical Engineer « »« » « » « » « » « »
Monitoring and Risk Assessment of Securities Depositories Prior to the placement of any assets of the Fund with a non-U.S. Securities Depository, the Custodian: (a) shall provide to the Fund or its authorized representative an assessment of the custody risks associated with maintaining assets within such Securities Depository; and (b) shall have established a system to monitor the custody risks associated with maintaining assets with such Securities Depository on a continuing basis and to promptly notify the Fund or its Investment Adviser of any material changes in such risk. In performing its duties under this subsection, the Custodian shall use reasonable care and may rely on such reasonable sources of information as may be available including but not limited to: (i) published ratings; (ii) information supplied by a Subcustodian that is a participant in such Securities Depository; (iii) industry surveys or publications; (iv) information supplied by the depository itself, by its auditors (internal or external) or by the relevant Foreign Financial Regulatory Authority. It is acknowledged that information procured through some or all of these sources may not be independently verifiable by the Custodian and that direct access to Securities Depositories is limited under most circumstances. Accordingly, the Custodian shall not be responsible for errors or omissions in its duties hereunder provided that it has performed its monitoring and assessment duties with reasonable care. The risk assessment shall be provided to the Fund or its Investment Advisor by such means as the Custodian shall reasonably establish. Advices of material change in such assessment may be provided by the Custodian in the manner established as customary between the Fund and the Custodian for transmission of material market information.
