Access Control Supplier will maintain an appropriate access control policy that is designed to restrict access to Accenture Data and Supplier assets to authorized Personnel. Supplier will require that all accounts have complex passwords that contain letters, numbers, and special characters, be changed at least every 90 days, and have a minimum length of 8 characters.
System Access Control Data processing systems used to provide the Cloud Service must be prevented from being used without authorization.
Physical Access Control Unauthorized persons are prevented from gaining physical access to premises, buildings or rooms where data processing systems that process and/or use Personal Data are located.
Network Access Control The VISION Web Site and the Distribution Support Services Web Site (the “DST Web Sites”) are protected through multiple levels of network controls. The first defense is a border router which exists at the boundary between the DST Web Sites and the Internet Service Provider. The border router provides basic protections including anti-spoofing controls. Next is a highly available pair of stateful firewalls that allow only HTTPS traffic destined to the DST Web Sites. The third network control is a highly available pair of load balancers that terminate the HTTPS connections and then forward the traffic on to one of several available web servers. In addition, a second highly available pair of stateful firewalls enforce network controls between the web servers and any back-end application servers. No Internet traffic is allowed directly to the back-end application servers. The DST Web Sites equipment is located and administered at DST’s Winchester data center. Changes to the systems residing on this computer are submitted through the DST change control process. All services and functions within the DST Web Sites are deactivated with the exception of services and functions which support the transfer of files. All ports on the DST Web Sites are disabled, except those ports required to transfer files. All “listeners,” other than listeners required for inbound connections from the load balancers, are deactivated. Directory structures are “hidden” from the user. Services which provide directory information are also deactivated.
Loop Provisioning Involving Integrated Digital Loop Carriers 2.6.1 Where Xxxx has requested an Unbundled Loop and BellSouth uses IDLC systems to provide the local service to the End User and BellSouth has a suitable alternate facility available, BellSouth will make such alternative facilities available to Xxxx. If a suitable alternative facility is not available, then to the extent it is technically feasible, BellSouth will implement one of the following alternative arrangements for Xxxx (e.g. hairpinning): 1. Roll the circuit(s) from the IDLC to any spare copper that exists to the customer premises. 2. Roll the circuit(s) from the IDLC to an existing DLC that is not integrated. 3. If capacity exists, provide "side-door" porting through the switch. 4. If capacity exists, provide "Digital Access Cross Connect System (DACS)- door" porting (if the IDLC routes through a DACS prior to integration into the switch). 2.6.2 Arrangements 3 and 4 above require the use of a designed circuit. Therefore, non- designed Loops such as the SL1 voice grade and UCL-ND may not be ordered in these cases. 2.6.3 If no alternate facility is available, and upon request from Xxxx, and if agreed to by both Parties, BellSouth may utilize its Special Construction (SC) process to determine the additional costs required to provision facilities. Xxxx will then have the option of paying the one-time SC rates to place the Loop.
Volunteer Firefighting Leave Leave without pay will be granted when an employee who is a volunteer firefighter is called to duty to respond to a fire, natural disaster or medical emergency.
BUSINESS CONTINUITY/DISASTER RECOVERY In the event of equipment failure, work stoppage, governmental action, communication disruption or other impossibility of performance beyond State Street’s control, State Street shall take reasonable steps to minimize service interruptions. Specifically, State Street shall implement reasonable procedures to prevent the loss of data and to recover from service interruptions caused by equipment failure or other circumstances with resumption of all substantial elements of services in a timeframe sufficient to meet business requirements. State Street shall enter into and shall maintain in effect at all times during the term of this Agreement with appropriate parties one or more agreements making reasonable provision for (i) periodic back-up of the computer files and data with respect to the Trusts; and (ii) emergency use of electronic data processing equipment to provide services under this Agreement. State Street shall test the ability to recover to alternate data processing equipment in accordance with State Street program standards, and provide a high level summary of business continuity test results to the Trusts upon request. State Street will remedy any material deficiencies in accordance with State Street program standards. Upon reasonable advance notice, and at no cost to State Street, the Trusts retain the right to review State Street’s business continuity, crisis management, disaster recovery, and third-party vendor management processes and programs (including discussions with the relevant subject matter experts and an on-site review of the production facilities used) related to delivery of the service no more frequently than an annual basis. Upon reasonable request, the State Street also shall discuss with senior management of the Trusts any business continuity/disaster recovery plan of the State Street and/or provide a high-level presentation summarizing such plan.”
Quality Control A. Controlled Affiliate agrees to use the Licensed Marks and Name only in connection with the licensed services and further agrees to be bound by the conditions regarding quality control shown in attached Exhibit A as they may be amended by BCBSA from time-to-time. B. Controlled Affiliate agrees to comply with all applicable federal, state and local laws. C. Controlled Affiliate agrees that it will provide on an annual basis (or more often if reasonably required by Plan or by BCBSA) a report or reports to Plan and BCBSA demonstrating Controlled Affiliate’s compliance with the requirements of this Agreement including but not limited to the quality control provisions of this paragraph and the attached Exhibit A. D. Controlled Affiliate agrees that Plan and/or BCBSA may, from time-to-time, upon reasonable notice, review and inspect the manner and method of Controlled Affiliate’s rendering of service and use of the Licensed Marks and Name. E. As used herein, a Controlled Affiliate is defined as an entity organized and operated in such a manner, that it meets the following requirements: (1) A Plan or Plans authorized to use the Licensed Marks in the Service Area of the Controlled Affiliate pursuant to separate License Agreement(s) with BCBSA, other than such Controlled Affiliate’s License Agreement(s), (the “Controlling Plan(s)”), must have the legal authority directly or indirectly through wholly-owned subsidiaries to select members of the Controlled Affiliate’s governing body having not less than 50% voting control thereof and to: (a) prevent any change in the articles of incorporation, bylaws or other establishing or governing documents of the Controlled Affiliate with which the Controlling Plan(s) do(es) not concur; (b) exercise control over the policy and operations of the Controlled Affiliate at least equal to that exercised by persons or entities (jointly or individually) other than the Controlling Plan(s); and Notwithstanding anything to the contrary in (a) through (b) hereof, the Controlled Affiliate’s establishing or governing documents must also require written approval by the Controlling Plan(s) before the Controlled Affiliate can: (i) change its legal and/or trade names; (ii) change the geographic area in which it operates; (iii) change any of the type(s) of businesses in which it engages; (iv) create, or become liable for by way of guarantee, any indebtedness, other than indebtedness arising in the ordinary course of business; (v) sell any assets, except for sales in the ordinary course of business or sales of equipment no longer useful or being replaced; (vi) make any loans or advances except in the ordinary course of business; (vii) enter into any arrangement or agreement with any party directly or indirectly affiliated with any of the owners or persons or entities with the authority to select or appoint members or board members of the Controlled Affiliate, other than the Plan or Plans (excluding owners of stock holdings of under 5% in a publicly traded Controlled Affiliate); (viii) conduct any business other than under the Licensed Marks and Name; (ix) take any action that any Controlling Plan or BCBSA reasonably believes will adversely affect the Licensed Marks and Name. In addition, a Plan or Plans directly or indirectly through wholly owned subsidiaries shall own at least 50% of any for-profit Controlled Affiliate. (2) A Plan or Plans authorized to use the Licensed Marks in the Service Area of the Controlled Affiliate pursuant to separate License Agreement(s) with BCBSA, other than such Controlled Affiliate’s License Agreement(s), (the “Controlling Plan(s)”), have the legal authority directly or indirectly through wholly-owned subsidiaries to select members of the Controlled Affiliate’s governing body having more than 50% voting control thereof and to: (a) prevent any change in the articles of incorporation, bylaws or other establishing or governing documents of the Controlled Affiliate with which the Controlling Plan(s) do(es) not concur; (b) exercise control over the policy and operations of the Controlled Affiliate. In addition, a Plan or Plans directly or indirectly through wholly-owned subsidiaries shall own more than 50% of any for-profit Controlled Affiliate.
Substance Abuse Program The SFMTA General Manager or designee will manage all aspects of the FTA-mandated Substance Abuse Program. He/she shall have appointing and removal authority over all personnel working for the Substance Abuse Program personnel, and shall be responsible for the supervision of the SAP.
Data Access Control Persons entitled to use data processing systems gain access only to the Personal Data that they have a right to access, and Personal Data must not be read, copied, modified or removed without authorization in the course of processing, use and storage.
