CYBERSECURITY CONDITION State Grant Cybersecurity Sample Clauses

CYBERSECURITY CONDITION State Grant Cybersecurity. (a) The recipient agrees that when collecting and managing environmental data under this assistance agreement, it will protect the data by following all applicable State law cybersecurity requirements. (1) EPA must ensure that any connections between the recipient’s network or information system and EPA networks used by the recipient to transfer data under this agreement, are secure. For purposes of this Section, a connection is defined as a dedicated persistent interface between an Agency IT system and an external IT system for the purpose of transferring information. Transitory, user-controlled connections such as website browsing are excluded from this definition. If the recipient’s connections as defined above do not go through the Environmental Information Exchange Network or EPA’s Central Data Exchange, the recipient agrees to contact the EPA Project Officer (PO) and work with the designated Regional/Headquarters Information Security Officer to ensure that the connections meet EPA security requirements, including entering into Interconnection Service Agreements as appropriate. This condition does not apply to manual entry of data by the recipient into systems operated and used by EPA’s regulatory programs for the submission of reporting and/or compliance data. (2) The recipient agrees that any subawards it makes under this agreement will require the subrecipient to comply with the requirements in (b)(1) if the subrecipient’s network or information system is connected to EPA networks to transfer data to the Agency using systems other than the Environmental Information Exchange Network or EPA’s Central Data Exchange. The recipient will be in compliance with this condition: by including this requirement in subaward agreements; and during subrecipient monitoring deemed necessary by the recipient under 2 CFR 200.332(d), by inquiring whether the subrecipient has contacted the EPA Project Officer. Nothing in this condition requires the recipient to contact the EPA Project Officer on behalf of a subrecipient or to be involved in the negotiation of an Interconnection Service Agreement between the subrecipient and EPA.
Sample 1
AutoNDA by SimpleDocs
CYBERSECURITY CONDITION State Grant Cybersecurity a. Recipient agrees that when collecting and managing environmental data under this assistance agreement, it will protect the data by following all applicable State law cybersecurity requirements.‌ b. Recipient will comply with the requirements in Section 43c if Recipient’s network or information system is connected to EPA networks to transfer data to EPA using systems other than the Environmental Information Exchange Network or EPA’s Central Data Exchange. c. EPA must ensure that any connections between Recipient’s network or information system and EPA networks used by Recipient to transfer data under this agreement, are secure. For purposes of this Section, a connection is defined as a dedicated persistent interface between an Agency IT system and an external IT system for the purpose of transferring information. Transitory, user-controlled connections such as website browsing are excluded from this definition. If the recipient’s connections as defined above do not go through the Environmental Information Exchange Network or EPA’s Central Data Exchange, Recipient agrees to contact the EPA Project Officer (PO) and work with the designated Regional/Headquarters Information Security Officer to ensure that the connections meet EPA security requirements, including entering into Interconnection Service Agreements as appropriate. This condition does not apply to manual entry of data by Recipient into systems operated and used by EPA’s regulatory programs for the submission of reporting and/or compliance data. Agreement under the authority of Oregon revised Statutes 190.110. APPROVED BY RECIPIENT: Authorized Signer Date NAME, Executive Director Printed Name / Title EXAMPLE Index - PCA - Project
Sample 1

Related to CYBERSECURITY CONDITION State Grant Cybersecurity

  • Delivery Conditions (a) The Delivery Conditions are as follows: (i) At Seller’s expense, Seller shall have secured all Governmental and grid operations approvals as are necessary for the safe and lawful operation and maintenance of the Project and to enable Seller to deliver Distribution Services at the Initial Contract Capacity to Buyer. (ii) Seller shall have posted collateral as required by Section 10.4(a)(ii). (iii) Seller shall have submitted for Buyer’s review a Project Safety Plan incorporating the elements described in Appendix XII, which must demonstrate Seller’s ability to comply with the Safety Requirements on the IDD and for the Delivery Term. (iv) Seller shall have delivered to Buyer the Safety Attestation in accordance with Section 2(a) of Appendix XIV. (v) As of the IDD, no Seller’s Event of Default shall have occurred and remain uncured. (vi) At Seller’s expense, Seller or Contractor shall have constructed or caused to be constructed the Project as of the IDD and submitted the Certification for Commercial Operation in Appendix VII-A to enable (A) Seller to satisfy the obligations of the Seller herein and (B) the Project to deliver Distribution Services at the Contract Capacity to Buyer. (vii) At Seller’s expense, Seller shall have installed any necessary metering to deliver the applicable Distribution Services in accordance with Section 4.1 and any applicable tariffs of the Utility Distribution Company. (viii) Seller shall have met each Critical Milestone set forth in Appendix VI pursuant to Section 2.3.

  • New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to: (1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute; (2) Limit unsuccessful logon attempts; (3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions; (4) Authorize wireless access prior to allowing such connections; (5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity; (6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions; (7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles; (8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services; (9) Enforce a minimum password complexity and change of characters when new passwords are created; (10) Perform maintenance on organizational systems; (11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance; (12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1; (13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital; (14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse; (15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas; (16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems; (17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems; (18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception); (19) Protect the confidentiality of Student Data at rest; (20) Identify, report, and correct system flaws in a timely manner; (21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems; (22) Monitor system security alerts and advisories and take action in response; and (23) Update malicious code protection mechanisms when new releases are available.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!