Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.
Independent Review Contractor shall provide the Secretary of ADS/CIO an independent expert review of any Agency recommendation for any information technology activity when its total cost is $1,000,000.00 or greater or when CIO requires one. The State has identified two sub-categories for Independent Reviews, Standard and Complex. The State will identify in the SOW RFP the sub-category they are seeking. State shall not consider bids greater than the maximum value indicated below for this category. Standard Independent Review $25,000 Maximum Complex Independent Review $50,000 Maximum Per Vermont statute 3 V.S.A. 2222, The Secretary of Administration shall obtain independent expert review of any recommendation for any information technology initiated after July 1, 1996, as information technology activity is defined by subdivision (a) (10), when its total cost is $1,000,000 or greater or when required by the State Chief Information Officer. Documentation of this independent review shall be included when plans are submitted for review pursuant to subdivisions (a)(9) and (10) of this section. The independent review shall include: • An acquisition cost assessment • A technology architecture review • An implementation plan assessment • A cost analysis and model for benefit analysis • A procurement negotiation advisory services contract • An impact analysis on net operating costs for the agency carrying out the activity In addition, from time to time special reviews of the advisability and feasibility of certain types of IT strategies may be required. Following are Requirements and Capabilities for this Service: • Identify acquisition and lifecycle costs; • Assess wide area network (WAN) and/or local area network (LAN) impact; • Assess risks and/or review technical risk assessments of an IT project including security, data classification(s), subsystem designs, architectures, and computer systems in terms of their impact on costs, benefits, schedule and technical performance; • Assess, evaluate and critically review implementation plans, e.g.: • Adequacy of support for conversion and implementation activities • Adequacy of department and partner staff to provide Project Management • Adequacy of planned testing procedures • Acceptance/readiness of staff • Schedule soundness • Adequacy of training pre and post project • Assess proposed technical architecture to validate conformance to the State’s “strategic direction.” • Insure system use toolsets and strategies are consistent with State Chief Information Officer (CIO) policies, including security and digital records management; • Assess the architecture of the proposed hardware and software with regard to security and systems integration with other applications within the Department, and within the Agency, and existing or planned Enterprise Applications; • Perform cost and schedule risk assessments to support various alternatives to meet mission need, recommend alternative courses of action when one or more interdependent segment(s) or phase(s) experience a delay, and recommend opportunities for new technology insertions; • Assess the architecture of the proposed hardware and software with regard to the state of the art in this technology. • Assess a project’s backup/recovery strategy and the project’s disaster recovery plans for adequacy and conformance to State policy. • Evaluate the ability of a proposed solution to meet the needs for which the solution has been proposed, define the ability of the operational and user staff to integrate this solution into their work.
Joint Review JADRC may, at the request of either party, review issues arising from the application of this Article.
ADB’s Review of Procurement Decisions 9. All contracts procured under international competitive bidding procedures and contracts for consulting services shall be subject to prior review by ADB, unless otherwise agreed between the Borrower and ADB and set forth in the Procurement Plan. SCHEDULE 5
Independent Review and Inspection The Owner may undertake independent inspection of the installation of the Work. Such independent inspector shall operate on behalf of the Owner and shall act to protect the best interests of the Owner.
Office of Inspector General Investigative Findings Expert Review In accordance with Senate Bill 799, Acts 2021, 87th Leg., R.S., if Texas Government Code, Section 531.102(m-1)(2) is applicable to this Contract, Contractor affirms that it possesses the necessary occupational licenses and experience.
OIG INSPECTION, AUDIT, AND REVIEW RIGHTS In addition to any other rights OIG may have by statute, regulation, or contract, OIG or its duly authorized representative(s) may conduct interviews, examine or request copies of Xxxxxx’x books, records, and other documents and supporting materials and/or conduct on-site reviews of any of Xxxxxx’x locations for the purpose of verifying and evaluating: (a) Xxxxxx’x compliance with the terms of this IA and (b) Xxxxxx’x compliance with the requirements of the Federal health care programs. The documentation described above shall be made available by Xxxxxx to OIG or its duly authorized representative(s) at all reasonable times for inspection, audit, and/or reproduction. Furthermore, for purposes of this provision, OIG or its duly authorized representative(s) may interview Xxxxxx and any of Xxxxxx’x employees or contractors who consent to be interviewed at the individual’s place of business during normal business hours or at such other place and time as may be mutually agreed upon between the individual and OIG. Xxxxxx shall assist OIG or its duly authorized representative(s) in contacting and arranging interviews with such individuals upon OIG’s request. Xxxxxx’x employees and contractors may elect to be interviewed with or without a representative of Xxxxxx present.
Engagement of Independent Review Organization Within 60 days after the Effective Date, Xx. Xxxxxx shall engage an individual or entity, such as an accounting, auditing, or consulting firm (hereinafter “Independent Review Organization” or “IRO”), to perform the reviews listed in this Section III.C. The applicable requirements relating to the IRO are outlined in Appendix A to this IA, which is incorporated by reference.
Contractor Information The Contractor will provide up to date information for each of the following in the form and manner specified by OGS:
Project Review A. Programmatic Allowances
