Data Controller The Sponsor shall be the data controller for such personal data except that, if Quintiles deals with any personal data under this Agreement in the manner of a data controller, Quintiles shall be the data controller of such personal data to the extent of such dealings. Quintiles may process "personal data", as defined in the applicable data protection legislation enacted under the same or equivalent/similar national legislation (collectively "Data Protection Legislation"), of the Investigator and Study Staff for study-related purposes and all such processing will be carried out in accordance with the Data Protection Legislation.
Access Controls The system providing access to PHI COUNTY discloses to 20 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY 21 must use role based access controls for all user authentications, enforcing the principle of least privilege.
TIA Controls If any provision of this Indenture limits, qualifies, or conflicts with another provision which is required to be included in this Indenture by the TIA, the required provision shall control.
Audit Controls a. System Security Review. CONTRACTOR must ensure audit control mechanisms that record and examine system activity are in place. All systems processing and/or storing PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY must have at least an annual system risk assessment/security review which provides assurance that administrative, physical, and technical controls are functioning effectively and providing adequate levels of protection. Reviews should include vulnerability scanning tools.
Compliance Control Services (1) Support reporting to regulatory bodies and support financial statement preparation by making the Fund's accounting records available to the Trust, the Securities and Exchange Commission (the “SEC”), and the independent accountants. (2) Maintain accounting records according to the 1940 Act and regulations provided thereunder. (3) Perform its duties hereunder in compliance with all applicable laws and regulations and provide any sub-certifications reasonably requested by the Trust in connection with any certification required of the Trust pursuant to the Xxxxxxxx-Xxxxx Act of 2002 (the “SOX Act”) or any rules or regulations promulgated by the SEC thereunder, provided the same shall not be deemed to change USBFS’s standard of care as set forth herein. (4) Cooperate with the Trust’s independent accountants and take all reasonable action in the performance of its obligations under this Agreement to ensure that the necessary information is made available to such accountants for the expression of their opinion on the Fund’s financial statements without any qualification as to the scope of their examination.
Administrative Controls The Contractor must have the following controls in place: a. A documented security policy governing the secure use of its computer network and systems, and which defines sanctions that may be applied to Contractor staff for violating that policy. b. If the Data shared under this agreement is classified as Category 4, the Contractor must be aware of and compliant with the applicable legal or regulatory requirements for that Category 4 Data. c. If Confidential Information shared under this agreement is classified as Category 4, the Contractor must have a documented risk assessment for the system(s) housing the Category 4 Data.
The Web Services E-Verify Employer Agent agrees to, consistent with applicable laws, regulations, and policies, commit sufficient personnel and resources to meet the requirements of this MOU.
Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.
Accounting Controls The Company and its Subsidiaries maintain systems of “internal control over financial reporting” (as defined under Rules 13a-15 and 15d-15 under the Exchange Act Regulations) that comply with the requirements of the Exchange Act and have been designed by, or under the supervision of, their respective principal executive and principal financial officers, or persons performing similar functions, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with GAAP, including, but not limited to, internal accounting controls sufficient to provide reasonable assurance that (i) transactions are executed in accordance with management’s general or specific authorizations; (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with GAAP and to maintain asset accountability; (iii) access to assets is permitted only in accordance with management’s general or specific authorization; and (iv) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences. Except as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the Company is not aware of any material weaknesses in its internal controls. The Company’s auditors and the Audit Committee of the Board of Directors of the Company have been advised of: (i) all significant deficiencies and material weaknesses in the design or operation of internal controls over financial reporting which are known to the Company’s management and that have adversely affected or are reasonably likely to adversely affect the Company’ ability to record, process, summarize and report financial information; and (ii) any fraud known to the Company’s management, whether or not material, that involves management or other employees who have a significant role in the Company’s internal controls over financial reporting.
Security Controls for State Agency Data In accordance with Senate Bill 475, Acts 2021, 87th Leg., R.S., pursuant to Texas Government Code, Section 2054.138, Contractor understands, acknowledges, and agrees that if, pursuant to this Contract, Contractor is or will be authorized to access, transmit, use, or store data for System Agency, Contractor is required to meet the security controls the System Agency determines are proportionate with System Agency’s risk under the Contract based on the sensitivity of System Agency’s data and that Contractor must periodically provide to System Agency evidence that Contractor meets the security controls required under the Contract.
