COMPLIANCE WITH ISO/IEC 27001 Sample Clauses

COMPLIANCE WITH ISO/IEC 27001. 5.1 The contractor shall obtain independent certification of the Security Plan to ISO27001 as soon as reasonably practicable and will maintain such certification for the duration of the Contract. 5.2 If certain parts of the Security Policy do not conform to good industry practice as described in ISO27002 and, as a result, the Contractor reasonably believes that its certification to ISO 27001 would fail in regard to these parts, the Contractor shall promptly notify the Authority of this and the Authority in its absolute discretion may waive the requirement to certification in respect of the relevant parts. 5.3 The Contractor shall carry out such regular security audits as may be required by the British Standards Institute in order to maintain delivery of the Services in compliance with security aspects of ISO 27001 and shall promptly provide to the Authority any associated security audit reports and shall otherwise notify the Authority of the results of such security audits. 5.4 If it is the Authority's reasonable opinion that compliance with the principles and practices of ISO 27001 is not being achieved by the Contractor, then the Authority shall notify the Contractor of the same and give the Contractor a reasonable time (having regard to the extent of any non-compliance and any other relevant circumstances) to become compliant with the principles and practices of ISO 27001. If the Contractor does not become compliant within the required time then the Authority has the right to obtain an independent audit against these standards in whole or in part. 5.5 If, as a result of any such independent audit as described in paragraph 5.4 the Contractor is found to be non-compliant with the principles and practices of ISO 27001 then the Contractor shall, at its own expense, undertake those actions required in order to achieve the necessary compliance and shall reimburse in full the costs incurred by the Authority in obtaining such audit.
COMPLIANCE WITH ISO/IEC 27001. 5.1 Where the Customer requests, the Supplier shall obtain independent certification of the ISMS to ISO/IEC 27001 within twelve (12) Months of the Effective Date (or such reasonable time period as to be agreed with the Customer) and shall maintain such certification for the duration of the Contract. 5.2 If certain parts of the ISMS do not conform to good industry practice, or controls as described in ISO/IEC 27002 are not consistent with the Security Policy, and, as a result, the Supplier reasonably believes that it is not compliant with ISO/IEC 27001, the Supplier shall promptly notify the Customer of this and the Customer in its absolute discretion may waive the requirement for certification in respect of the relevant parts. 5.3 The Customer shall be entitled to carry out such regular security audits as may be required and in accordance with Good Industry Practice, in order to ensure that the ISMS maintains compliance with the principles and practices of ISO 27001. 5.4 If, on the basis of evidence provided by such audits, it is the Customer's reasonable opinion that compliance with the principles and practices of ISO/IEC 27001 is not being achieved by the Supplier, then the Customer shall notify the Supplier of the same and give the Supplier a reasonable time (having regard to the extent and criticality of any non-compliance and any other relevant circumstances) to become compliant with the principles and practices of ISO/IEC 27001. If the Supplier does not become compliant within the required time then the Customer has the right to obtain an independent audit against these standards in whole or in part. 
5.5 If, as a result of any such independent audit as described in paragraph 5.4 the Supplier is found to be non-compliant with the principles and practices of ISO/IEC 27001 then the Supplier shall, at its own expense, undertake those actions required in order to achieve the necessary compliance and shall reimburse in full the costs incurred by the Customer in obtaining such audit. 5.6 If required by the Customer, the Supplier shall carry out regular security audits as may be required in order to maintain delivery of the Services and the ISMS in compliance with: 5.6.1 security aspects of ISO/IEC 27002:2005 or equivalent; 5.6.2 ISO/IEC 27001 or equivalent; 5.6.3 the Security Policy Framework; and 5.6.4 the requirements issued by the National Technical Authority for Information Assurance, and shall promptly provide to the Customer any associated security au...
COMPLIANCE WITH ISO/IEC 27001. 56.1 The Supplier shall obtain independent certification of the ISMS to ISO/IEC 27001 within twelve [12] months of the Commencement Date or such other period as may be agreed with the Authority and shall maintain such certification for the duration of the Contract.
COMPLIANCE WITH ISO/IEC 27001. The contractor shall obtain independent certification of the Security Plan to ISO27001 as soon as reasonably practicable and will maintain such certification for the duration of the Contract.
COMPLIANCE WITH ISO/IEC 27001. 5.1 The Provider shall carry out such regular security audits as may be required by the British Standards Institute in order to maintain delivery of the Services in compliance with security aspects of ISO 27001 and shall promptly provide to the Authority any associated security audit reports and shall otherwise notify the Authority of the results of such security audits. 5.2 If it is the Authority's reasonable opinion that compliance with the principles and practices of ISO 27001 is not being achieved by the Provider, then the Authority shall notify the Provider of the same and give the Provider a reasonable time (having regard to the extent of any non-compliance and any other relevant circumstances) to become compliant with the principles and practices of ISO 27001. If the Provider does not become compliant within the required time then the Authority has the right to obtain an independent audit against these standards in whole or in part. 5.3 If, as a result of any such independent audit as described in paragraph 5.2 the Provider is found to be non-compliant with the principles and practices of ISO 27001 then the Provider shall, at its own expense, undertake those actions required in order to achieve the necessary compliance and shall reimburse in full the costs incurred by the Authority in obtaining such audit.
COMPLIANCE WITH ISO/IEC 27001. 5.1 Not Used 5.2 Not used 5.3 The Contractor shall carry out such regular security audits as may be required by the British Standards Institute in order to maintain delivery of the Services in compliance with security aspects of ISO 27001 and shall promptly provide to the Authority any associated security audit reports and shall otherwise notify the Authority of the results of such security audits. 5.4 If it is the Authority's reasonable opinion that compliance with the principles and practices of ISO 27001 is not being achieved by the Contractor, then the Authority shall notify the Contractor of the same and give the Contractor a reasonable time (having regard to the extent of any non-compliance and any other relevant circumstances) to become compliant with the principles and practices of ISO 27001. If the Contractor does not become compliant within the required time then the Authority has the right to obtain an independent audit against these standards in whole or in part. 5.5 If, as a result of any such independent audit as described in paragraph 5.4 the Contractor is found to be non-compliant with the principles and practices of ISO 27001 then the Contractor shall, at its own expense, undertake those actions required in order to achieve the necessary compliance and shall reimburse in full the costs incurred by the Authority in obtaining such audit.
COMPLIANCE WITH ISO/IEC 27001. 5.1 The Prime Contractor shall carry out regular security audits in order to maintain delivery of the Services in compliance with the Security Plan and shall promptly provide to the Authority the relevant parts of any associated security audit reports and shall otherwise notify the Authority of the results of such security audits. 5.2 If it is the Authority's reasonable opinion that compliance with the principles and practices of ISO/IEC 27001 is not being achieved by the Prime Contractor, then the Authority shall notify the Prime Contractor of the same and give the Prime Contractor a reasonable time (having regard to the extent of any non-compliance and any other relevant circumstances) to become compliant with the principles and practices of ISO/IEC 27001. If the Prime Contractor does not become compliant within the required time, then the Authority has the right to obtain an independent audit against those principles and practices in whole or in part. 5.3 If, as a result of any such independent audit as described in Paragraph 5.2 the Prime Contractor is found to be non-compliant with the principles and practices of ISO/IEC 27001 then the Prime Contractor shall, at its own expense, undertake those actions required in order to achieve the necessary compliance and shall reimburse in full the costs incurred by the Authority in obtaining such audit.
COMPLIANCE WITH ISO/IEC 27001. 6.1 Where the Customer requests, the Supplier shall obtain independent certification of the ISMS to ISO/IEC 27001 within [twelve (12)] Months of the Commencement Date or such reasonable time period as to be agreed with the Customer and shall maintain such certification for the duration of the Contract. 6.2 [If certain parts of the ISMS do not conform to Good Industry Practice, or controls as described in ISO/IEC 27002 are not consistent with the Security Policy, and, as a result, the Supplier reasonably believes that it is not compliant with ISO/IEC 27001, the Supplier shall promptly notify the Customer of this and the Customer in its absolute discretion may waive the requirement for certification in respect of the relevant parts.]
COMPLIANCE WITH ISO/IEC 27001. 1 The Hosting Supplier shall provide a Statement of Applicability for Approval by the Authority.
COMPLIANCE WITH ISO/IEC 27001. The Consultant shall carry out such regular security audits as may be required by the British Standards Institute in order to maintain delivery of the Consultancy Services in compliance with security aspects of ISO 27001 and shall promptly provide to the Agency any associated security audit reports and shall otherwise notify the Agency of the results of such security audits. If it is the Agency's reasonable opinion that compliance with the principles and practices of ISO 27001 is not being achieved by the Consultant, then the Agency shall notify the Consultant of the same and give the Consultant a reasonable time (having regard to the extent of any non-compliance and any other relevant circumstances) to become compliant with the principles and practices of ISO 27001. If the Consultant does not become compliant within the required time then the Agency has the right to obtain an independent audit against these standards in whole or in part. If, as a result of any such independent audit as described in Paragraph 4.2 the Consultant is found to be non-compliant with the principles and practices of ISO 27001 then the Consultant shall, at its own expense, undertake those actions required in order to achieve the necessary compliance and shall reimburse in full the costs incurred by the Agency in obtaining such audit.