Access Controls a. Authorized Access - DST shall have controls that are designed to maintain the logical separation such that access to systems hosting Fund Data and/or being used to provide services to Fund will uniquely identify each individual requiring access, grant access only to authorized personnel based on the principle of least privileges, and prevent unauthorized access to Fund Data.
Audit Controls P. Contractor agrees to an annual system security review by the County to assure that systems processing and/or storing Medi-Cal PII are secure. This includes audits and keeping records for a period of at least three (3) years. A routine procedure for system review to catch unauthorized access to Medi-Cal PII shall be established by the Contractor.
Personnel Controls The County Department/Agency agrees to advise County Workers who have access to Pll, of the confidentiality of the information, the safeguards required to protect the information, and the civil and criminal sanctions for non- compliance contained in applicable federal and state laws. For that purpose, the County Department/Agency shall implement the following personnel controls:
Expansive Controls Where the capability exists, originating or terminating traffic reroutes may be implemented by either Party to temporarily relieve network congestion due to facility failures or abnormal calling patterns. Reroutes will not be used to circumvent normal trunk servicing. Expansive controls will only be used when mutually agreed to by the Parties.
Administrative Controls The Contractor must have the following controls in place:
Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.
Accounting Controls The Company and its Subsidiaries maintain systems of “internal control over financial reporting” (as defined under Rules 13a-15 and 15d-15 under the Exchange Act Regulations) that comply with the requirements of the Exchange Act and have been designed by, or under the supervision of, their respective principal executive and principal financial officers, or persons performing similar functions, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with GAAP, including, but not limited to, internal accounting controls sufficient to provide reasonable assurance that (i) transactions are executed in accordance with management’s general or specific authorizations; (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with GAAP and to maintain asset accountability; (iii) access to assets is permitted only in accordance with management’s general or specific authorization; and (iv) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences. Except as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the Company is not aware of any material weaknesses in its internal controls. The Company’s auditors and the Audit Committee of the Board of Directors of the Company have been advised of: (i) all significant deficiencies and material weaknesses in the design or operation of internal controls over financial reporting which are known to the Company’s management and that have adversely affected or are reasonably likely to adversely affect the Company’ ability to record, process, summarize and report financial information; and (ii) any fraud known to the Company’s management, whether or not material, that involves management or other employees who have a significant role in the Company’s internal controls over financial reporting.
Security Controls for State Agency Data In accordance with Senate Bill 475, Acts 2021, 87th Leg., R.S., pursuant to Texas Government Code, Section 2054.138, Contractor understands, acknowledges, and agrees that if, pursuant to this Contract, Contractor is or will be authorized to access, transmit, use, or store data for System Agency, Contractor is required to meet the security controls the System Agency determines are proportionate with System Agency’s risk under the Contract based on the sensitivity of System Agency’s data and that Contractor must periodically provide to System Agency evidence that Contractor meets the security controls required under the Contract.
Supervisory Control and Data Acquisition (SCADA) Capability The wind plant shall provide SCADA capability to transmit data and receive instructions from the ISO and/or the Connecting Transmission Owner for the Transmission District to which the wind generating plant will be interconnected, as applicable, to protect system reliability. The Connecting Transmission Owner for the Transmission District to which the wind generating plant will be interconnected and the wind plant Developer shall determine what SCADA information is essential for the proposed wind plant, taking into account the size of the plant and its characteristics, location, and importance in maintaining generation resource adequacy and transmission system reliability in its area.
FORMAT AND CONTENT FOR REGISTRY OPERATOR MONTHLY REPORTING Registry Operator shall provide one set of monthly reports per gTLD, using the API described in draft-‐xxxxxx-‐icann-‐registry-‐interfaces, see Specification 2, Part A, Section 9, reference 5, with the following content. ICANN may request in the future that the reports be delivered by other means and using other formats. ICANN will use reasonable commercial efforts to preserve the confidentiality of the information reported until three (3) months after the end of the month to which the reports relate. Unless set forth in this Specification 3, any reference to a specific time refers to Coordinated Universal Time (UTC). Monthly reports shall consist of data that reflects the state of the registry at the end of the month (UTC).
