Security Audit Customer agrees that PROS’ Audit Report will be used to satisfy any audit or inspection requests by or on behalf of Customer, and PROS will make Audit Reports available to Customer upon request. PROS will promptly remediate any material weaknesses or significant control deficiencies identified in any Audit Reports. In the event that an audit opinion is qualified and the qualification has not been remediated by the date of the Audit Report, PROS shall (i) provide Customer with PROS remediation plan; and (ii) execute such plan in accordance with its terms.
Security Audits Each Contract Year, County may perform or have performed security reviews and testing based on an IT infrastructure review plan. Such testing shall ensure all pertinent County security standards as well as any customer agency requirements, such as federal tax requirements or HIPPA.
Security Assessment If Accenture reasonably determines, or in good faith believes, that Supplier’s security practices or procedures do not meet Supplier’s obligations under the Agreement, then Accenture will notify Supplier of the deficiencies. Supplier will without unreasonable delay: (i) correct such deficiencies at its own expense; (ii) permit Accenture, or its duly authorized representatives, to assess Supplier’s security-related activities that are relevant to the Agreement; and (iii) timely complete a security questionnaire from Accenture on a periodic basis upon Accenture’s request. Security issues identified by Accenture will be assigned risk ratings and an agreed-to timeframe to remediate. Supplier will remediate all the security issues identified within the agreed to timeframes. Upon Supplier’s failure to remediate any high or medium rated security issues within the stated timeframes, Accenture may terminate the Agreement in accordance with Section 8 above.
Contractor Security Clearance Customers may designate certain duties and/or positions as positions of “special trust” because they involve special trust responsibilities, are located in sensitive locations, or have key capabilities with access to sensitive or confidential information. The designation of a special trust position or duties is at the sole discretion of the Customer. Contractor or Contractor’s employees and Staff who, in the performance of this Contract, will be assigned to work in positions determined by the Customer to be positions of special trust, may be required to submit to background screening and be approved by the Customer to work on this Contract.
Auditor Report; Right to Audit (a) Within the time period permitted for the examination audit pursuant to 12 CFR Section 363 after the end of each fiscal year during which the Receiver makes any payment to the Assuming Institution under this Single Family Shared-Loss Agreement, the Assuming Institution shall deliver to the Receiver a report signed by its independent public accountants stating that they have reviewed the terms of this Single Family Shared-Loss Agreement and that, in the course of their annual audit of the Assuming Institution’s books and records, nothing has come to their attention suggesting that any computations required to be made by the Assuming Institution during such fiscal year pursuant to this Article II were not made by the Assuming Institution in accordance herewith. In the event that the Assuming Institution cannot comply with the preceding sentence, it shall promptly submit to the Receiver corrected computations together with a report signed by its independent public accountants stating that, after giving effect to such corrected computations, nothing has come to their attention suggesting that any computations required to be made by the Assuming Institution during such year pursuant to this Article II were not made by the Assuming Institution in accordance herewith. In such event, the Assuming Institution and the Receiver shall make all such accounting adjustments and payments as may be necessary to give effect to each correction reflected in such corrected computations, retroactive to the date on which the corresponding incorrect computation was made.
(b) The Assuming Institution shall perform on an annual basis an internal audit of its compliance with the provisions of this Article II and shall provide the Receiver and the Corporation with copies of the internal audit reports and access to internal audit workpapers related to such internal audit.
(c) The Receiver or the FDIC in its corporate capacity (“Corporation”), its contractors and their employees, and its agents may perform an audit or audits to determine the Assuming Institution’s compliance with the provisions of this Single Family Shared-Loss Agreement, including this Article II, by providing not less than ten (10) Business Days’ prior written notice. Assuming Institution shall provide access to pertinent records and proximate working space in Assuming Institution’s facilities. The scope and duration of any such audit shall be within the reasonable discretion of the Receiver or the Corporation, but shall in no event be administered in a manner that unreasonably interferes with the operation of the Assuming Institution’s business. The Receiver or the Corporation, as the case may be, shall bear the expense of any such audit. In the event that any corrections are necessary as a result of such an audit or audits, the Assuming Institution and the Receiver shall make such accounting adjustments and payments as may be necessary to give retroactive effect to such corrections.
SERVICE MONITORING, ANALYSES AND ORACLE SOFTWARE 11.1 We continuously monitor the Services to facilitate Oracle’s operation of the Services; to help resolve Your service requests; to detect and address threats to the functionality, security, integrity, and availability of the Services as well as any content, data, or applications in the Services; and to detect and address illegal acts or violations of the Acceptable Use Policy. Oracle monitoring tools do not collect or store any of Your Content residing in the Services, except as needed for such purposes. Oracle does not monitor, and does not address issues with, non-Oracle software provided by You or any of Your Users that is stored in, or run on or through, the Services. Information collected by Oracle monitoring tools (excluding Your Content) may also be used to assist in managing Oracle’s product and service portfolio, to help Oracle address deficiencies in its product and service offerings, and for license management purposes.
11.2 We may (i) compile statistical and other information related to the performance, operation and use of the Services, and (ii) use data from the Services in aggregated form for security and operations management, to create statistical analyses, and for research and development purposes (clauses i and ii are collectively referred to as “Service Analyses”). We may make Service Analyses publicly available; however, Service Analyses will not incorporate Your Content, Personal Data or Confidential Information in a form that could serve to identify You or any individual. We retain all intellectual property rights in Service Analyses.
11.3 We may provide You with the ability to obtain certain Oracle Software (as defined below) for use with the Services. If we provide Oracle Software to You and do not specify separate terms for such software, then such Oracle Software is provided as part of the Services and You have the non-exclusive, worldwide, limited right to use such Oracle Software, subject to the terms of this Agreement and Your order (except for separately licensed elements of the Oracle Software, which separately licensed elements are governed by the applicable separate terms), solely to facilitate Your use of the Services. You may allow Your Users to use the Oracle Software for this purpose, and You are responsible for their compliance with the license terms. Your right to use any Oracle Software will terminate upon the earlier of our notice (by web posting or otherwise) or the end of the Services associated with the Oracle Software. Notwithstanding the foregoing, if Oracle Software is licensed to You under separate terms, then Your use of such software is governed by the separate terms. Your right to use any part of the Oracle Software that is licensed under the separate terms is not restricted in any way by this Agreement.
NIST Cybersecurity Framework The U.S. Department of Commerce National Institute for Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity Version 1.1.
Supplier Diversity Seller shall comply with Xxxxx’s Supplier Diversity Program in accordance with Appendix V.
Security of All Software Components Supplier will inventory all software components (including open source software) used in Deliverables, and provide such inventory to Accenture upon request. Supplier will assess whether any such components have any security defects or vulnerabilities that could lead to a Security Incident. Supplier will perform such assessment prior to providing Accenture with access to such software components and on an on-going basis thereafter during the term of the Agreement. Supplier will promptly notify Accenture of any identified security defect or vulnerability and remediate same in a timely manner. Supplier will promptly notify Accenture of its remediation plan. If remediation is not feasible in a timely manner, Supplier will replace the subject software component with a component that is not affected by a security defect or vulnerability and that does not reduce the overall functionality of the Deliverable(s).
Cybersecurity Training A. Contractor represents and warrants that it will comply with the requirements of Section 2054.5192 of the Texas Government Code relating to cybersecurity training and required verification of completion of the training program.
B. Contractor represents and warrants that if Contractor or Subcontractors, officers, or employees of Contractor have access to any state computer system or database, the Contractor, Subcontractors, officers, and employees of Contractor shall complete cybersecurity training pursuant to and in accordance with Government Code, Section 2054.5192.
