INFORMATION ASSURANCE Sample Clauses

INFORMATION ASSURANCE. 42.1. In April 2014 the UK Government Cabinet Office introduced the Government Security Classifications - ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/government-security- classifications – which allows information assets to be classified into three types: Official, Secret and Top Secret. Additionally, in cases where there is a clear and justifiable requirement to reinforce the “need to know‟, assets should be conspicuously marked as Official-Sensitive. 42.2. This replaced the previous Government Protective Marking Scheme and removed links to the Communications-Electronics Security Group Business Impact Level scale which had been widely used to differentiate security requirements across IT systems and services. 42.3. The Contractor must be able to provide all core requirements at the Official classification and should be capable of providing some of the requirements at a higher classification.

INFORMATION ASSURANCE. The Subcontractor shall comply with its obligations set out in Schedule 12 (Information Assurance).

INFORMATION ASSURANCE. (a) Information provided by BUYER to SELLER remains the property of BUYER. SELLER shall comply with the terms of any proprietary information agreement with BUYER and comply with all proprietary information markings and restrictive legends applied by BUYER to anything provided hereunder to SELLER. SELLER shall not use any BUYER provided information for any purpose except to perform this Contract and shall not disclose such information to third parties without the prior written consent of BUYER. SELLER shall maintain data protection processes and systems sufficient to adequately protect BUYER provided information and comply with any law or regulation applicable to such information. (b) If SELLER becomes aware of any compromise of information used in the performance of this Contract or provided by BUYER to SELLER, its officers, employees, agents, suppliers, or subcontractors (an “Incident”), SELLER shall take appropriate immediate actions to investigate and contain the Incident and any associated risks, including notification within seventy-two (72) hours to BUYER after learning of the Incident. As used in this clause, “compromise” means that information has been exposed to unauthorized access, inadvertent disclosure, known misuse, loss, destruction, or alteration other than as required to perform the Work. SELLER shall provide reasonable cooperation to BUYER in conducting any investigation regarding the nature and scope of any Incident. Any costs incurred in investigating or remedying Incidents shall be borne by SELLER. (c) Any BUYER provided information identified as proprietary or subject to restrictions on public disclosure by law or regulation shall be encrypted (i) if transmitted via the Internet, or (ii) during electronic storage if potentially accessible by the Internet or otherwise by non-authorized users. (d) The provisions set forth above are in addition to and do not alter, change or supersede any obligations contained in a proprietary information agreement between the parties.

INFORMATION ASSURANCE. Any services not expressly included in this statement of work.

INFORMATION ASSURANCE. Motorola services not included in this statement of work.

INFORMATION ASSURANCE. 43.1.10.1 The Supplier grants the Supported PSM the right to specify the security procedure that must be adopted when the Supplier handles Supported PSM data.

INFORMATION ASSURANCE. 25.1 When handling Customer or Supported PSM data, the Supplier will ensure the security of the data is maintained in line with the protective marking given to that data by the Customer, and by adopting the any security procedures specified appropriate elements of the Cabinet Office Security Policy Framework and supporting documents and any successors thereof as agreed with the Customer or Supported PSM and set out in the Award Letter or Specification. 25.2 The Customer reserves the right to inspect the physical location of the data store or processing, back-up arrangements and review at appropriate intervals to be agreed with the Customer any information assurance processes and procedures in place.

INFORMATION ASSURANCE. Notwithstanding clause 69.1.2 (Data Protection), the Contractor undertakes that all Prisoner and visitor data shall be stored, processed and accessed within the United Kingdom only.

INFORMATION ASSURANCE. Army and DOD Policy 6.1 Information Assurance (AR 25-2), ▇▇▇▇://▇▇▇.▇▇▇.▇▇▇▇.▇▇▇/pdffiles/r25_2.pdf 6.2 Information Assurance Best Business Practice, Information Assurance Tools (version 2.0), 1 August 2014, ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇.▇▇▇/book/servlet/JiveServlet/download/▇▇▇▇▇-▇▇-▇▇▇▇▇▇/03-DC-O- 6.3 DOD Instruction 8510.01, 12 March 2014, Risk Management Framework (RMF) for DoD Information Technology (IT), ▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇/whs/directives/corres/pdf/851001_2014.pdf 6.4 Disposition of Unclassified DOD Computer Hard Drives. 4 June 2001, Effective 4 June 2001, ▇▇▇▇://▇▇▇.▇▇.▇▇.▇▇▇/au/holmcenter/AFJROTC/documents/DispositionofUnclassifiedDoDComputerHardDrives.pdf 6.5 ▇▇▇▇ 8330.01, Interoperability of Information Technology (IT), Including National Security Systems (NSS), May 21, 2014. ▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇/whs/directives/corres/pdf/833001p.pdf 6.6 CJCSI 6212.01F Net Ready Key Performance Parameter (NR KPP), 21 March 2012, ▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇/cjcs_directives/cdata/unlimit/6212_01.pdf 6.7 DOD Instruction 5200.01, “DOD Information Security Program and Protection of Sensitive Compartmented Information,” October 9, 2008, ▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇/whs/directives/corres/pdf/520001p.pdf 6.8 DOD Instruction O-8530.2, Support to Computer Network Defense (CND), March 9, 2001, (Requires DoD Common Access Card (CAC) for access) ▇▇▇▇▇://▇▇▇▇▇▇▇▇▇.▇▇▇▇.▇▇▇/corres/pdf/O85302p.pdf 6.9 DOD Instruction 8500.01, Cybersecurity, 14 March 2014, ▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇/whs/directives/corres/pdf/850001_2014.pdf 6.10 ▇▇▇▇ 8580.1, Information Assurance (IA) in the Defense Acquisition System, 9 June 2004, ▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇/whs/directives/corres/pdf/858001p.pdf 6.11 ▇▇▇▇ 8570.01, Information Assurance Training, Certification, and Workforce Management, 23 April 2007, ▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇/whs/directives/corres/pdf/857001p.pdf 6.12 DEPARTMENT OF DEFENSE (DOD) 8570.01-M, CHANGE 3, INFORMATION ASSURANCE WORKFORCE IMPROVEMENT PROGRAM, 24 January 2012. ▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇/whs/directives/corres/pdf/857001m.pdf 6.13 CIO/G6, CYBER DIRECTORATE, BEST BUSINESS PRACTICE 05-PR-M-0002, IA TRAINING AND CERTIFICATION, VERSION 5.0, 06 March 2012 ▇▇▇▇▇://▇▇.▇▇▇▇▇▇.▇▇▇▇.▇▇▇/docs/pub.trainingandcertificationbbpfinal10.pdf 6.14 Defense Acquisition Guidebook _ Chapter 7 Acquiring Information Technology and National Security Systems, Section 7.5 Information Assurance ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇▇/Pages/Default.aspx 6.15 DOD CIO Memorandum, Encryption of Sensitive Unclassified Data at Rest on Mobile Computing Devices and Removable Storag...