Common use of Contractor Compliance and Warranty Relating to Cloud Computing Services Clause in Contracts

Contractor Compliance and Warranty Relating to Cloud Computing Services. The Texas Department of Information Resources (DIR) has established and implemented a state risk and authorization management program providing a standardized approach for security assessment, authorization, and continuous monitoring of cloud computing services (CCSs) that process (including storing or transmitting) the data of Texas state agencies (TX-RAMP). The requirements of TX-RAMP include Section 2054.0593 of the Texas Government Code, Title 1, Rule 202.77 of the Texas Administrative Code, and DIR’s TX-RAMP Manual. Contractor represents and warrants that throughout the term of this Agreement it will comply with the requirements of TX-RAMP and that all CCSs subject to TX-RAMP will comply with the requirements of and be certified under TX-RAMP. The CCSs subject to TX-RAMP include those provided by Contractor either through this Agreement or in furtherance of this Agreement, including CCSs provided through Contractor’s subcontractors or third-party providers. A CCS used in furtherance of this Agreement includes a CCS that Contractor or its subcontractors or third-party providers use to process (including storing or transmitting) University data, even if the University itself does not access or use that CCS. Contractor’s subcontractors or third-party providers responsible solely for servicing or supporting a CCS provided by Contractor or another Contractor subcontractor or third-party provider shall not be required to provide evidence of TX-RAMP certification; instead, Contractor will be responsible for providing such evidence. The list of current TX-RAMP certified CCSs and DIR’s TX-RAMP Manual are set forth at xxxxx://xxx.xxxxx.xxx/txramp. Contractor further represents and warrants that the following are the only CCSs that it will provide either through this Agreement or in furtherance of this Agreement as provided above, and Contractor’s representations, warranties, and obligations under this Section include the following CCSs: Contractor understands and agrees that the University may not enter into or renew a contract with Contractor to purchase CCSs that are subject to TX-RAMP unless Contractor demonstrates compliance with TX-RAMP requirements. Contractor acknowledges this Agreement may be terminated and payment withheld if Contractor does not comply with TX-RAMP or this Section.

Contractor Compliance and Warranty Relating to Cloud Computing Services. The Texas Department of Information Resources (DIR) has established and implemented a state risk and authorization management program providing a standardized approach for security assessment, authorization, and continuous monitoring of cloud computing services (CCSs) that process (including storing or transmitting) the data of Texas state agencies (TX-RAMP). The requirements of TX-RAMP include Section 2054.0593 of the Texas Government Code, Title 1, Rule 202.77 of the Texas Administrative Code, and DIR’s TX-RAMP Manual. Contractor represents and warrants that throughout the term of this Agreement it will comply with the requirements of TX-RAMP and that all CCSs subject to TX-RAMP will comply with the requirements of and be certified under TX-RAMP. The CCSs subject to TX-RAMP include those provided by Contractor either through this Agreement or in furtherance of this Agreement, including CCSs provided through Contractor’s subcontractors or third-party providers. A CCS used in furtherance of this Agreement includes a CCS that Contractor or its subcontractors or third-party providers use to process (including storing or transmitting) University data, even if the University itself does not access or use that CCS. Contractor’s subcontractors or third-party providers responsible solely for servicing or supporting a CCS provided by Contractor or another Contractor subcontractor or third-party provider shall not be required to provide evidence of TX-RAMP certification; instead, Contractor will be responsible for providing such evidence. The list of current TX-RAMP certified CCSs and DIR’s TX-RAMP Manual are set forth at xxxxx://xxx.xxxxx.xxx/txramp. [Option: Include if greater specificity is desired: Contractor further represents and warrants that the following are the only CCSs that it will provide either through this Agreement or in furtherance of this Agreement as provided above, and Contractor’s representations, warranties, and obligations under this Section include above are the following CCSsfollowing: _________________________________ _________________________________ _________________________________ ] Contractor understands and agrees that the University may not enter into or renew a contract with Contractor to purchase CCSs that are subject to TX-RAMP unless Contractor demonstrates compliance with TX-RAMP requirements. Contractor acknowledges this Agreement may be terminated and payment withheld if Contractor does not comply with TX-RAMP or this Section.] University and Contractor have executed and delivered this Agreement to be effective as of the Effective Date. By: By: ___________________________ Name: Xxxx Xxxxxxxx, Ph.D. Name: ________________________ Title: Xxxxxxx and EVP for Academic Affairs Title: __________________________ Attest: ________________________ Corporate Secretary] EXHIBIT A – Scope of Work EXHIBIT B – Schedule _________________ _________________ _________________ _________________ Notwithstanding the foregoing, the total cumulative amount paid by University to Contractor will not exceed $_______________ (Fee Cap) without the prior written approval of University. In addition, total fees for each Phase of Work will not exceed the following specified amounts without the prior written approval of University: _________________ _________________ If University submits, in advance, a written request for additional work or services not contemplated or reasonably inferred by this Agreement, Contractor will be paid for actual hours incurred by Contractor’s personnel directly and solely in support of the additional work or services at the Work Fees provided above.

Contractor Compliance and Warranty Relating to Cloud Computing Services. The Texas Department of Information Resources (DIR) has established and implemented a state risk and authorization management program providing a standardized approach for security assessment, authorization, and continuous monitoring of cloud computing services (CCSs) that process (including storing or transmitting) the data of Texas state agencies (TX-RAMP). The requirements of TX-RAMP include Section 2054.0593 of the Texas Government Code, Title 1, Rule 202.77 of the Texas Administrative Code, and DIR’s TX-RAMP Manual. Contractor represents and warrants that throughout the term of this Agreement it will comply with the requirements of TX-RAMP and that all CCSs subject to TX-RAMP will comply with the requirements of and be certified under TX-RAMP. The CCSs subject to TX-RAMP include those provided by Contractor either through this Agreement or in furtherance of this Agreement, including CCSs provided through Contractor’s subcontractors or third-party providers. A CCS used in furtherance of this Agreement includes a CCS that Contractor or its subcontractors or third-party providers use to process (including storing or transmitting) University data, even if the University itself does not access or use that CCS. Contractor’s subcontractors or third-party providers responsible solely for servicing or supporting a CCS provided by Contractor or another Contractor subcontractor or third-party provider shall not be required to provide evidence of TX-RAMP certification; instead, Contractor will be responsible for providing such evidence. The list of current TX-RAMP certified CCSs and DIR’s TX-RAMP Manual are set forth at xxxxx://xxx.xxxxx.xxx/txramp. Contractor further represents and warrants that the following are the only CCSs that it will provide either through this Agreement or in furtherance of this Agreement as provided above, and Contractor’s representations, warranties, and obligations under this Section include the following CCSs: Contractor understands and agrees that the University may not enter into or renew a contract with Contractor to purchase CCSs that are subject to TX-RAMP unless Contractor demonstrates compliance with TX-RAMP requirements. Contractor acknowledges this Agreement may be terminated and payment withheld if Contractor does not comply with TX-RAMP or this Section. Access by Individuals with Disabilities: Contractor represents and warrants (EIR Accessibility Warranty) the electronic and information resources and all associated information, documentation, and support Contractor provides to University under this Agreement (EIRs) comply with applicable requirements in 1 TAC Chapter 213 and 1 TAC §206.70 (ref. Subchapter M, Chapter 2054, Texas Government Code). To the extent Contractor becomes aware the EIRs, or any portion thereof, do not comply with the EIR Accessibility Warranty, then Contractor represents and warrants it will, at no cost to University, either (1) perform all necessary remediation to make the EIRs satisfy the EIR Accessibility Warranty or (2) replace the EIRs with new EIRs that satisfy the EIR Accessibility Warranty. If Contractor fails or is unable to do so, University may terminate this Agreement and, within thirty (30) days after termination, Contractor will refund to University all amounts University paid under this Agreement. Contractor will provide all assistance and cooperation necessary for performance and documentation of accessibility testing, planning, and execution criteria conducted by University or University’s third party testing resources, as required by 1 TAC §213.38(g).

Contractor Compliance and Warranty Relating to Cloud Computing Services. The Texas Department of Information Resources (“DIR”) has established and implemented a state risk and authorization management program providing a standardized approach for security assessment, authorization, and continuous monitoring of cloud computing services (“CCSs”) that process (including storing or transmitting) the data of Texas state agencies (“TX-RAMP”). The requirements of TX-RAMP include Section 2054.0593 of the Texas Government Code, Title 1, Rule 202.77 of the Texas Administrative Code, and DIR’s TX-RAMP Manual. Contractor represents and warrants that throughout the term of this Agreement it will comply with the requirements of TX-RAMP and that all CCSs subject to TX-RAMP will comply with the requirements of and be certified under TX-RAMP. The CCSs subject to TX-RAMP include those provided by Contractor either through this Agreement or in furtherance of this Agreement, including CCSs provided through Contractor’s subcontractors or third-party providers. A CCS used in furtherance of this Agreement includes a CCS that Contractor or its subcontractors or third-party providers use to process (including storing or transmitting) University UT data, even if the University UT itself does not access or use that CCS. Contractor’s subcontractors or third-party providers responsible solely for servicing or supporting a CCS provided by Contractor or another Contractor subcontractor or third-party provider shall not be required to provide evidence of TX-RAMP certification; instead, Contractor will be responsible for providing such evidence. The list of current TX-RAMP certified CCSs and DIR’s TX-RAMP Manual are set forth at xxxxx://xxx.xxxxx.xxx/txramp. [Option: Include if greater specificity is desired: Contractor further represents and warrants that the following are the only CCSs that it will provide either through this Agreement or in furtherance of this Agreement as provided above, and Contractor’s representations, warranties, and obligations under this Section include above are the following CCSsfollowing: _________________________________ _________________________________ _________________________________ Contractor understands and agrees that the University UT may not enter into or renew a contract with Contractor to purchase CCSs that are subject to TX-RAMP unless Contractor demonstrates compliance with TX-RAMP requirements. Contractor acknowledges this Agreement may be terminated and payment withheld if Contractor does not comply with TX-RAMP or this Section.]

Contractor Compliance and Warranty Relating to Cloud Computing Services. The Texas Department of Information Resources (DIR) has established and implemented a state risk and authorization management program providing a standardized approach for security assessment, authorization, and continuous monitoring of cloud computing services (CCSs) that process (including storing or transmitting) the data of Texas state agencies (TX-RAMP). The requirements of TX-RAMP include Section 2054.0593 of the Texas Government Code, Title 1, Rule 202.77 of the Texas Administrative Code, and DIR’s TX-RAMP Manual. Contractor represents and warrants that throughout the term of this Agreement it will comply with the requirements of TX-RAMP and that all CCSs subject to TX-RAMP will comply with the requirements of and be certified under TX-RAMP. The CCSs subject to TX-RAMP include those provided by Contractor either through this Agreement or in furtherance of this Agreement, including CCSs provided through Contractor’s subcontractors or third-party providers. A CCS used in furtherance of this Agreement includes a CCS that Contractor or its subcontractors or third-party providers use to process (including storing or transmitting) University data, even if the University itself does not access or use that CCS. Contractor’s subcontractors or third-party providers responsible solely for servicing or supporting a CCS provided by Contractor or another Contractor subcontractor or third-party provider shall not be required to provide evidence of TX-RAMP certification; instead, Contractor will be responsible for providing such evidence. The list of current TX-RAMP certified CCSs and DIR’s TX-RAMP Manual are set forth at xxxxx://xxx.xxxxx.xxx/txramp. Contractor further represents and warrants that the following are the only CCSs that it will provide either through this Agreement or in furtherance of this Agreement as provided above, and Contractor’s representations, warranties, and obligations under this Section include above are the following CCSsfollowing: Contractor understands and agrees that the University may not enter into or renew a contract with Contractor to purchase CCSs that are subject to TX-RAMP unless Contractor demonstrates compliance with TX-RAMP requirements. Contractor acknowledges this Agreement may be terminated and payment withheld if Contractor does not comply with TX-RAMP or this Section. University and Contractor have executed and delivered this Agreement to be effective as of the Effective Date. THE UNIVERSITY OF TEXAS PERMIAN BASIN By: By: Name: Name: Title: Title: Attest: Corporate Secretary EXHIBIT A – Scope of Work EXHIBIT B – Schedule EXHIBIT C – Payment for Work EXHIBIT – Affirmative Action Compliance Program EXHIBIT – Environment Specifications This FERPA Confidentiality and Security Addendum (Addendum) is made and entered into effective as of [ ] (Effective Date) by and between The University of Texas Permian Basin a state agency and institution of higher education established under the laws of the State of Texas (University) and [ ] (Contractor), (collectively, Parties). The purpose of this Addendum is to provide the terms under which Contractor is required to maintain the confidentiality and security of any and all University records subject to the Family Educational Rights and Privacy Act, 20 United States Code §1232g (FERPA) which Contractor will create, receive, or maintain on behalf of University pursuant to (Underlying Agreement).

Contractor Compliance and Warranty Relating to Cloud Computing Services. The Texas Department of Information Resources (DIR) has established and implemented a state risk and authorization management program providing a standardized approach for security assessment, authorization, and continuous monitoring of cloud computing services (CCSs) that process (including storing or transmitting) the data of Texas state agencies (TX-RAMP). The requirements of TX-RAMP include Section 2054.0593 of the Texas Government Code, Title 1, Rule 202.77 of the Texas Administrative Code, and DIR’s TX-RAMP Manual. Contractor represents and warrants that throughout the term of this Agreement it will comply with the requirements of TX-RAMP and that all CCSs subject to TX-RAMP will comply with the requirements of and be certified under TX-RAMP. The CCSs subject to TX-RAMP include those provided by Contractor either through this Agreement or in furtherance of this Agreement, including CCSs provided through Contractor’s subcontractors or third-party providers. A CCS used in furtherance of this Agreement includes a CCS that Contractor or its subcontractors or third-party providers use to process (including storing or transmitting) University data, even if the University itself does not access or use that CCS. Contractor’s subcontractors or third-party providers responsible solely for servicing or supporting a CCS provided by Contractor or another Contractor subcontractor or third-party provider shall not be required to provide evidence of TX-RAMP certification; instead, Contractor will be responsible for providing such evidence. The list of current TX-RAMP certified CCSs and DIR’s TX-RAMP Manual are set forth at xxxxx://xxx.xxxxx.xxx/txramp. Contractor further represents and warrants that the following are the only CCSs that it will provide either through this Agreement or in furtherance of this Agreement as provided above, and Contractor’s representations, warranties, and obligations under this Section include above are the following CCSsfollowing: _ _ _ _ _ _ Contractor understands and agrees that the University may not enter into or renew a contract with Contractor to purchase CCSs that are subject to TX-RAMP unless Contractor demonstrates compliance with TX-RAMP requirements. Contractor acknowledges this Agreement may be terminated and payment withheld if Contractor does not comply with TX-RAMP or this Section. University and Contractor have executed and delivered this Agreement to be effective as of the Effective Date. THE UNIVERSITY OF TEXAS PERMIAN BASIN By: By: Name: Name: Title: Title: Attest: Corporate Secretary EXHIBIT A – Scope of Work EXHIBIT B – Schedule EXHIBIT C – Payment for Work EXHIBIT – Affirmative Action Compliance Program EXHIBIT – Environment Specifications This FERPA Confidentiality and Security Addendum (Addendum) is made and entered into effective as of [ ] (Effective Date) by and between The University of Texas Permian Basin a state agency and institution of higher education established under the laws of the State of Texas (University) and [ ] (Contractor), (collectively, Parties). The purpose of this Addendum is to provide the terms under which Contractor is required to maintain the confidentiality and security of any and all University records subject to the Family Educational Rights and Privacy Act, 20 United States Code §1232g (FERPA) which Contractor will create, receive, or maintain on behalf of University pursuant to (Underlying Agreement).

Contractor Compliance and Warranty Relating to Cloud Computing Services. The Texas Department of Information Resources (DIR) has established and implemented a state risk and authorization management program providing a standardized approach for security assessment, authorization, and continuous monitoring of cloud computing services (CCSs) that process (including storing or transmitting) the data of Texas state agencies (TX-RAMP). The requirements of TX-RAMP include Section 2054.0593 of the Texas Government Code, Title 1, Rule 202.77 of the Texas Administrative Code, and DIR’s TX-RAMP Manual. Contractor represents and warrants that throughout the term of this Agreement it will comply with the requirements of TX-RAMP and that all CCSs subject to TX-RAMP will comply with the requirements of and be certified under TX-RAMP. The CCSs subject to TX-RAMP include those provided by Contractor either through this Agreement or in furtherance of this Agreement, including CCSs provided through Contractor’s subcontractors or third-party providers. A CCS used in furtherance of this Agreement includes a CCS that Contractor or its subcontractors or third-party providers use to process (including storing or transmitting) University data, even if the University itself does not access or use that CCS. Contractor’s subcontractors or third-party providers responsible solely for servicing or supporting a CCS provided by Contractor or another Contractor subcontractor or third-party provider shall not be required to provide evidence of TX-RAMP certification; instead, Contractor will be responsible for providing such evidence. The list of current TX-RAMP certified CCSs and DIR’s TX-RAMP Manual are set forth at xxxxx://xxx.xxxxx.xxx/txramp. [Option: Include if greater specificity is desired: Contractor further represents and warrants that the following are the only CCSs that it will provide either through this Agreement or in furtherance of this Agreement as provided above, and Contractor’s representations, warranties, and obligations under this Section include above are the following CCSsfollowing: _________________________________ _________________________________ _________________________________ ] Contractor understands and agrees that the University may not enter into or renew a contract with Contractor to purchase CCSs that are subject to TX-RAMP unless Contractor demonstrates compliance with TX-RAMP requirements. Contractor acknowledges this Agreement may be terminated and payment withheld if Contractor does not comply with TX-RAMP or this Section.]