Cyber Essentials. The Recipient will be required to ensure that any IT Network, part of an IT network, or IT equipment used for OFFICIAL information under the Grant Agreement (including any used by sub-contractors) is operated and maintained in accordance with the technical requirements prescribed under the Government’s Cyber Essentials Scheme. The level of verification required against this contract will be a minimum of Cyber Essentials. The Funder requires the Recipient to provide assurance that these technical requirements are being complied with. Assurance must be provided through verification by a technically competent, independent third party to a minimum level equivalent to Cyber Essentials. The Funder will maintain a right to audit the Recipient’s premises to assure that security standards are maintained. The Funder may terminate the Grant Agreement if Cyber Essentials Certification is not maintained on an annual basis. Information Security and Resilience The Funder seeks assurance that the Recipient provides an acceptable standard of leadership and governance, risk management, incident response and security by design in relation to information security. The Recipient shall provide a summary of these information security capabilities and key members of staff responsible for managing information security with respect to the Grant Agreement If the Recipient proposes to host or process data in a Cloud-based system or service, then the Recipient shall evidence how they have or will address all the NCSC cloud security principles outlined in: xxxxx://xxx.xxxx.xxx.xx/collection/cloud-security?curPage=/collection/cloud-security/implementing-the-cloud-security-principles All data should be hosted and processed in the UK. Where the Recipient is unable to satisfy this requirement, then this must be identified in the Request for Research Proposal to enable the Funder to make a risk-based decision on the acceptability of a proposed solution where the Funder's information classified at OFFICIAL may be hosted and stored in the EEA. No Funder's information may be hosted or Processed outside the UK or EEA. The Recipient must ensure its employees and sub-contractors comply with SCP07 when wishing to travel abroad whilst carrying the Funder’s information and/or the Funder’s ICT equipment. The Recipient shall provide evidence that all IT systems to be used in the management and delivery of this CTS are routinely tested and patched for vulnerabilities. The Funder retains the right to re...
Cyber Essentials. 4.1 The Provider has and will maintain certification under the HM Government Cyber Essentials Scheme (basic level) until such time as the Provider obtains certification under paragraph 4.2 of this Schedule 2.
Cyber Essentials certificate;
Cyber Essentials. 6.6 It is mandatory for Suppliers by the date of the Framework Agreement or at a later date when Cyber Essentials Data are received by the Supplier to demonstrate that they meet the technical requirements prescribed by Cyber Essentials. This is in order to further reduce the levels of cyber security risks in their supply chains. The Cyber Essentials Scheme and the related Assurance Framework both indicate that there are two levels of protection in dealing with cyber security risks. These include a more basic level of assurance which is known as Cyber Essentials and a more advanced level of assurance known as "Cyber Essentials Plus". With regard to the Services, Suppliers must demonstrate that they have achieved the level of assurance known as Cyber Essentials. Suppliers shall demonstrate this in one of the ways listed below:
Cyber Essentials. To support this we also have in place a layered technical defence involving firewalls, access control, end point protection and a two factor authentication system for internal access to the platform.
Cyber Essentials. This clause provides a way to include the Government Cyber Essentials scheme into construction projects. This scheme provides for a number of controls which organisations should implement to reduce the risk of common internet based threats. The clause lists obligations on the Consultant to provide proof of the required certification at certain stages of the project, and to apply the same obligations to its sub-contractors.
Cyber Essentials. The Client and the Consultant shall comply with the provisions of schedule [Guidance: insert schedule ref here] "
Cyber Essentials. The Supplier shall provide a Cyber Essentials Scheme Plus Certificate in accordance with the provisions of Clauses 21 to 26 of Schedule 3. 18 Subcontractors Without prejudice to the Supplier’s obligations in this Framework Contract regarding Sub- contracts, the Supplier shall comply with Schedule 5 (Specification) and Schedule 16 (Registration and Management of Subcontractors) in respect of all Subcontractors. The Parties agree that Subcontractors are not considered Key-Subcontractors for the purposes of this Framework Contract.
Cyber Essentials. The Buyer confirms that a Cyber Essentials certificate will not be required.
