Information Security; Compliance Sample Clauses

Information Security; Compliance. 3.1 Supplier is responsible for the security of any Buyer Data to the extent it Processes such data. Supplier shall, at its sole cost and expense, implement Security Measures that are no less rigorous than, and shall only Process Buyer Data in such a manner so as to comply with: (a) a Security Framework; (b) Privacy and Security Laws; (c) MBN 9666 Standards (to the extent applicable to the Services), and (d) any other requirements of this Addendum or the Agreement. 3.2 At a minimum, Supplier’s Security Measures shall include: (a) access controls (including multi-factor authentication, where appropriate); (b) physical security; (c) encryption of Buyer Data at rest and in transit; (d) segregation of Buyer Data from Supplier’s other customers’ data; (e) privacy and security awareness training; (f) record maintenance, including, without limitation, incident and compliance recordkeeping consistent with the Security Framework; (g) Secure Development Practices with regard to applications that Process Buyer Data; and (i) incident response, vulnerability mitigation, and vendor management programs. 3.3 Remote access to Buyer Data or Buyer Systems is only allowed upon prior written approval by Xxxxx and must occur through access points approved by Buyer. Supplier systems used for such remote access must be protected according to the requirements of this Addendum. 3.4 If, in the course of its engagement, Supplier has access to or will Process credit, debit, or other payment card information (“PCI”), Supplier shall at all times remain in compliance with the Payment Card Industry Data Security Standard (“PCI DSS”) requirements, including remaining aware at all times of changes to the PCI DSS and promptly implementing all procedures and practices as may be necessary to remain in compliance with the PCI DSS. As evidence of compliance with PCI DSS, Supplier will provide a current attestation of compliance at the commencement of Services and at regular intervals thereafter. Supplier will create and maintain reasonably detailed, complete, and accurate documentation describing the systems, processes, network segments, security controls, and data flows used to receive, transmit, store, and secure PCI that it obtains in connection with the Services. Such documentation shall conform to the most current version of the PCI DSS. 3.5 Supplier shall ensure only Supplier-owned, managed, or leased end-user devices are used by Supplier to Process Buyer Data and shall promptly notify Buy...
AutoNDA by SimpleDocs
Information Security; Compliance. Ellucian will design and maintain a control environment for the Hosting Services aligned with global information security practices and standards such as ISO 27001 and third party attestation frameworks such as SSAE 16 / SOC 1 and SOC 2.
Information Security; Compliance. Ellucian will design and maintain a control environment for the Cloud Software aligned with global information security practices and standards such as ISO 27001 and third-party attestation frameworks such as SSAE 18 / SOC 1 and SOC 2.
Information Security; Compliance. Contractor warrants to the State that it is familiar with the requirements of the State of Tennessee Enterprise Information Security Policies, and has measures in place that ensure that all data records are transported, stored and accessed in a secure manner. All data is property of the State of Tennessee. The system or contractor must meet or exceed the State’s information security requirements for access control, authentication, storage, data destruction, system maintenance and patching and must be compliant with best practices for secure application development as defined in ISO/IEC 27000 series. The State of Tennessee Information Security policy can be found at the following link: xxxx://xxx.xx.xxx/assets/entities/finance/oir/attachments/PUBLIC-Enterprise-Information-Security-Policies-v2.0_1.pdf Contractor warrants that it will cooperate with the State in the course of performance of the Contract so that both parties will be in compliance with State Enterprise Information Security Policies requirements and any other state and federal computer security regulations including cooperation and coordination with State computer security officials and other compliance officers required by its regulations. The State may conduct audits of Contractor’s compliance with the State’s Enterprise Information Security Policy (“The Policy”) or under this Contract, including those obligations imposed by Federal or State law, regulation or policy. The State’s or State’s designee’s right to conduct security audits is independent of any other audit or monitoring required by this Contract. The timing and frequency of such audits shall be at the State’s discretion and may but not necessarily shall, be in response to a security incident. A security audit may include the following: (i) review of access logs, screen shots and other paper or electronic documentation relating to Contractor’s compliance with the Policy. This may include review of documentation relevant to subcontractors or suppliers of security equipment and services used with respect to State data; (ii) physical inspection of controls such as door locks, file storage, communications systems, and employee identification procedures; and (iii) interviews of responsible technical and management personnel regarding security procedures. Contractor shall provide reports or additional information upon request of the State and access by the State or the State's designated staff to Contractor’s facilities and/or any location...
Information Security; Compliance a. The Contractor warrants to the State that Sub-vendor shall comply with information security as follows: i. Sub-vendors shall be familiar with the requirements of the State of Tennessee Enterprise Information Security Policies, as may be updated from time to time, and can be found at the following link: xxxxx://xxx.xx.xxx/content/dam/tn/finance/documents/Enterprise-Information- Security-Policies-ISO-27002-Public.pdf. ii. Sub-vendors shall have measures in place that ensure that all data records, including computer source and object code, are transported and stored in the United States using FIPS 140-2 validated encryption technologies. iii. Sub-vendors shall implement practices and facilities to meet or exceed the State of Tennessee’s information security requirements for access control, authentication, system maintenance, and patching. iv. Sub-vendors shall be compliant with best practices for secure application development as defined in ISO/IEC 27000 or later series and shall provide proof of compliance annually or upon State request. v. The Sub-vendor is not authorized to host any Federal Tax Information, Centers for Medicare and Medicaid Services Information or Criminal Justice Information Services Information b. Contractor warrants that it shall cooperate with the State agencies in the course of performance of the Contract so that both parties will be in compliance with State Enterprise Information Security Policies requirements and any other state and federal computer security regulations including cooperation and coordination with State of Tennessee computer security officials and other compliance officers required by its regulations. Contractor shall bear the expense of and require any staff that has access to systems or data that the State of Tennessee designates as sensitive or protected to undergo background checks that are inclusive of both criminal and financial history and shall provide proof of satisfactory results. c. The Contractor agrees to require all Sub-vendors to abide by the following: i. Current updated virus software and virus definition files that are enabled to perform real time scans shall be maintained on all Sub-vendor-supplied hardware; ii. Sub-vendor shall not install or utilize remote control or file sharing software unless explicitly approved in writing by the State of Tennessee; and iii. Utilize best practice authentication methods to prevent access from unauthorized individuals and entities. iv. Sub-vendor shall not co...
Information Security; Compliance. 9.5.1 Contractor must comply with the following County Board of Supervisors approved information security policies, as applicable:
Information Security; Compliance. 3.1 Licensee is responsible for the Security of any MBUSA Data to the extent it Processes such data. Licensee shall, at its sole cost and expense, implement Security that is no less rigorous than, and shall only Process MBUSA Data in such a manner so as to comply with: (a) the Security Framework; (b) Privacy and Security Laws; and (c) any other requirements of this Addendum or the Agreement. Licensee shall immediately notify MBUSA if Licensee knows that any written instruction by MBUSA would cause either or both parties to violate Privacy and Security Laws. 3.2 At a minimum, Licensee’s Security shall include: (a) access controls; (b) physical security;
AutoNDA by SimpleDocs
Information Security; Compliance. Contractor shall perform periodic audits and maintain relevant security based certifications and/or independent assessments to demonstrate and substantiate the Contractor's compliance with applicable laws and terms and conditions governing the Contractor services. Xxxxxxx College reserves the right to request evidence of this compliance and Xxxxxxx College agrees to maintain any such evidence as Confidential Information of the Contractor and will not disclose such information unless under legal obligation or with the explicit permission of the Contractor to do so.
Information Security; Compliance 

Related to Information Security; Compliance

  • Inspection; Compliance Lessor and Lessor's Lender(s) (as defined in Paragraph 8.3(a)) shall have the right to enter the Premises at any time, in the case of an emergency, and otherwise at reasonable times, for the purpose of inspecting the condition of the Premises and for verifying compliance by Lessee with this Lease and all Applicable Laws (as defined in Paragraph 6.3), and to employ experts and/or consultants in connection therewith and/or to advise Lessor with respect to Lessee's activities, including but not limited to the installation, operation, use, monitoring, maintenance, or removal of any Hazardous Substance or storage tank on or from the Premises. The costs and expenses of any such inspections shall be paid by the party requesting same, unless a Default or Breach of this Lease, violation of Applicable Law, or a contamination, caused or materially contributed to by Lessee is found to exist or be imminent, or unless the inspection is requested or ordered by a governmental authority as the result of any such existing or imminent violation or contamination. In any such case, Lessee shall upon request reimburse Lessor or Lessor's Lender, as the case may be, for the costs and expenses of such inspections.

  • INDEMNITY/COMPLIANCE 4.1 A-E shall indemnify, defend with counsel approved in writing by COUNTY, and hold harmless, the COUNTY, its agents, officers, and employees from employer sanctions and any other liability which may be assessed against A-E or the COUNTY or both in connection with any alleged violation of any Federal or State statutes or regulations pertaining to the eligibility for employment of any persons performing work under this CONTRACT. 4.2 All PROJECTS/SERVICES submitted by A-E shall be complete and shall be carefully checked prior to submission. A-E understands that COUNTY's checking is discretionary, and A-E shall not assume that COUNTY will discover errors and/or omissions. If COUNTY discovers any errors or omissions prior to approving A-E's PROJECTS/SERVICES, the PROJECTS/SERVICES will be returned to A-E for correction. Should COUNTY or others discover errors or omissions in the work submitted by A-E after COUNTY's approval thereof, COUNTY's approval of A-E's PROJECTS/SERVICES shall not be used as a defense by A-E.

  • Compliance Monitoring Grantee must be subject to compliance monitoring during the period of performance in which funds are Expended and up to three years following the closeout of all funds. In order to assure that the program can be adequately monitored, the following is required of Grantee: a. Grantee must maintain a financial tracking system provided by Florida Housing that ensures that CRF funds are Expended in accordance with the requirements in this Agreement. b. Grantee must maintain records on all awards to Eligible Persons or Households. These records must include, but are not limited to: i. Proof of income compliance (documentation from submission month, including but not limited to paystub, Florida unemployment statement, social security and/or disability statement, etc.); ii. Lease; and iii. Documentation of rental assistance payments made.

  • Documentation and compliance (a) The data importer shall promptly and adequately deal with enquiries from the data exporter that relate to the processing under these Clauses. (b) The Parties shall be able to demonstrate compliance with these Clauses. In particular, the data importer shall keep appropriate documentation on the processing activities carried out on behalf of the data exporter. (c) The data importer shall make available to the data exporter all information necessary to demonstrate compliance with the obligations set out in these Clauses and at the data exporter’s request, allow for and contribute to audits of the processing activities covered by these Clauses, at reasonable intervals or if there are indications of non-compliance. In deciding on a review or audit, the data exporter may take into account relevant certifications held by the data importer.

  • PCI Compliance A. The Acquiring Bank will provide The Merchant with appropriate training on PCI PED and/or DSS rules and regulations in respect of The Merchants obligations. Initial training will be provided and at appropriate intervals as and when relevant changes are made to such rules and regulations. B. The Acquiring Bank will ensure that The Merchant is kept informed of any relevant new, or changes to, PCI PED and/or DSS compliance rules and regulations. C. The Merchant will comply with PCI PED and/or DSS, and resulting obligations, in respect of establishing, and maintaining, the required security controls. D. The Merchant will ensure that all its appropriate staff (existing and new) are knowledgeable in their responsibilities with respect to PCI PED and/or DSS compliance. E. The Merchant must be able to demonstrate compliance with PCI PED and/or DSS and maintain measures necessary to successfully pass regular compliance certification checks. F. The Merchant will notify The Acquiring Bank immediately should it become evident that data security standards have been compromised. The Merchant will also provide all assistance necessary to assist The Acquiring Bank and its agents to investigate and obtain any required evidence of a security breach. G. The Merchant hereby agrees and undertakes to fully indemnify The Acquiring Bank from and against all actions, claims, losses, charges, costs and damages which The Acquiring Bank may suffer or incur as a result of The Merchants failure to comply with PCI PED and/or DSS. H. Further to the conditions set out in Section 34 below, The Acquiring Bank reserves the right to terminate this agreement with The Merchant if The Merchant: i. Refuses to accept, or commence, any remedial action(s) required under its obligation to PCI PED and/or DSS. ii. Fails to maintain its PCI PED and/or DSS obligations and/or consistently fails compliance certification checks. iii. Receives continuing penalties Fraud notifications or alerts of in any case where the Acquiring bank may be asked by the schemes to take action against the Merchant. اهيلع ةقداصملا تمت دق هنأ نم ةيلمع يأ ذيفنت دعب دكأتلا رجاتلا ىلع بجي .10 لمحتب هرارقإ متو ةقاطبلا لماح ةطساوب بولطملا وحنلا ىلعو ةرشابم .ةيلمعلا كلت ذيفنت نع هتيلوؤسم لماك يأ تحت ةيلمع نم رثكأ ىلإ ةيلمعلا ةميق ميسقتب موقي لاأب رجاتلا دهعتي .11 لاير )500( ةميقب نيتيلمع ذفني نأ لاثملا ليبس ىلعف ،قلاطلإا ىلع فرظ ةعباتلا عفدلا ةقاطب سفن مادختساب لاير )1000( يلامجلإا اهغلبم عئاضبل اذه ربتعي ثيحب ؛ىرخأ عفد تاقاطب ةيأ وأ تاعوفدملل ةيدوعسلا ةكبشلل ءاغلإ و زاهجلا فاقيا ةلاحلا هذه يف كنبلل قحيو ،اًمامت ًاروظحم فرصتلا .ةيقافتلاا ةكبشلا ةقاطبب لقأ وأ رثكأ وأ لايرب ةرركم تايلمع ءارجإ رجاتلل قحي لا .12 غلابم وأ تايلمع ددع قيقحت ضرغب هب ةصاخلا نامتئلاا ةقاطب وأ ةيدوعسلا ءاغلإ و زاهجلا فاقيا كنبلل قحيو .هيلع ةررقملا موسرلا عفد بنجتل تايلمع .رجاتلا باسح نم ةررقملا موسرلا مصخ يف قحلاب ظافتحلاا عم ةيقافتلاا لمحُي نل هلاعأ ةحضوملا تامازتللااو تاءارجلإاب ديقتلا مدعو هقافخإ نأ رجاتلا رقي وأ فيلاكت وأ تابلاطم وأ ىوعد ةيأ نع اهريغ وأ تناك ةينوناق ،ةيلوؤسم ةيأ كنبلا ةراسخ وأ ةيمكارتلا رارضلأا وأ رئاسخلا كلذ يف امب رئاسخ وأ رارضأ وأ فيراصم مازتللااب رجاتلا للاخإ ببسب رجاتلا كنب اهدبكتي وأ اهل ضرعتي دق يتلا ،حابرلأا مدع ببسب ركذ امم يلأ رجاتلا كنب ضرعت لاح يفو .ةدراولا تابلطتملاو تاميلعتلاب ىوعد نم هيلع بترتي دق ام عيمج رجاتلا لمحتي ،ةروكذملا تاءارجلإاب رجاتلا مازتلا مدع ةجيتن رجاتلا كنب قحلت دق رئاسخ وأ رارضأ وأ فيراصم وأ فيلاكت وأ تابلاطم وأ .تاءارجلإاو طورشلاو تابلطتملا هذهب رجاتلا مازتلا عفدلا تاقاطب ةعانص رايعم عم قفاوتلا .9 PCI Compliance مادختساب ةصاخلا دعاوقلا ىلع بسانملا بيردتلا رجاتلل رجاتلا كنب مدقي .أ ،عفدلا تاقاطب ةعانصب قلعتت يتلاو ةيرسلا ةيصخشلا ماقرلأا لاخدإ زاهج تامازتلاب قلعتي اميف عفدلا تاقاطب ةعانص تانايب ةيامح رايعم ىلع اًضيأو تارييغت يأ ىلع وأ ديدج وه ام ىلع رجاتلا علاطإ ماود نم رجاتلا كنب دكأتي .ب ماقرلأا لاخدإ زاهج مادختساب ةصاخلا مازتللاا دعاوقو تاعيرشتلاب ةقلاع تاذ تانايب ةيامح رايعمب وأ ،عفدلا تاقاطبب قلعتي ام لك وأ ةيرسلا ةيصخشلا .عفدلا تاقاطب ةعانص ،عفدلا تاقاطبل ةيرسلا ةيصخشلا ماقرلأا لاخدإ ئدابمو ريياعمب رجاتلا مزتلي .ج قلعتي اميف ةرداصلا اهتاعيرشتو ،عفدلا تاقاطب تانايب نمأ ريياعمب اًضيأو .ةبولطملا ةيامحلا طباوض قيبطتو سيسأتب )نيدجتسملاو نييلاحلا( نيصتخملا نيفظوملا علاطإ نم رجاتلا دكأتي .د ةيصخشلا ماقرلأا لاخدإب ةصاخلا مازتللاا دعاوقب قلعتي اميف مهتايلوؤسمب .عفدلا تاقاطب تانايب نمأ ريياعمو ،عفدلا تاقاطبل ةيرسلا ةيصخشلا ماقرلأا لاخدإب ةصاخلا مازتللاا دعاوق حضوي نأ رجاتلا ىلع بجي .ـه ةظفاحملاو ،عفدلا تاقاطب تانايب نمأ ريياعم كلذكو عفدلا تاقاطبل ةيرسلا مازتللاا ىدمل ةيرودلا تارابتخلاا ةداهش زايتجلا ةيرورضلا ريياعملا ىلع .حاجنب ريياعم كاهتنا نم ققحتلا روف رجاتلا كنب راعشإب رجاتلا موقي نأ بجي .و كنب ةدعاسمل يرورض وه ام لك ميدقت رجاتلا ىلع بجي اًضيأو ،ةيامحلا ةبولطملا نيهاربلاو ةلدلأا يف قيقحتلا نم نيصتخملا هيفظومو رجاتلا .ةيامحلا قارتخا تابثلإ رجاتلا كنبل ةلماكلا ةيامحلاب ةيقافتلاا هذه بجومب رجاتلا مزتليو دهعتي .ز تابلاطم وأ ىوعد ةيأ نع ،اهريغ وأ تناك ةينوناق ،ةيلوؤسم ةيأ هليمحت مدعو رارضلأا وأ رئاسخلا كلذ يف امب رئاسخ وأ رارضأ وأ فيراصم وأ فيلاكت وأ ببسب رجاتلا كنب اهدبكتي وأ اهل ضرعتي دق يتلا ،حابرلأا ةراسخ وأ ةيمكارتلا كنب ظفتحي ،هاندأ 34 مقر ةداملا يف اهعضو مت يتلا طورشلا ىلإ ةفاضإ .ح :يتلآاب رجاتلا مايق ةلاح يف رجاتلا عم ةيقافتلاا هذه ءاهنإ قحب رجاتلا هتامازتلا هيلع هيلمت بولطم يزارتحا ءارجإ يأ ذاختا وأ لوبق هضفر .i وأ عفدلا تاقاطبل ةيرسلا ةيصخشلا ماقرلأا لاخدإ ئدابمو ريياعمب .عفدلا تاقاطب تانايب نمأ ريياعمب ماقرلأا لاخدإ ئدابمو ريياعمو دعاوقب مازتللااو ةظفاحملا يف هقافخإ .ii ،عفدلا تاقاطب تانايب نمأ ريياعمب وأ عفدلا تاقاطبل ةيرسلا ةيصخشلا .مازتللاا تارابتخا زايتجا يف لشفلا و/وأ تاريذحتلاو تاهيبنتلا هملاتسا وأ هيلع ةرمتسملا تامارغلا ضرف .iii تاعوفدملا ماظن لبق نم ةيلمع يأ صوصخب ريوزتلاب ةقلعتملا مزلالا ءارجلإا ذاختا رجاتلا كنب نم بلطي دق اهللاخ نم يتلاو ،يملاعلا 10. Transaction(s) to be in Saudi Riyals: All MADA-POS transactions must be denominated in Saudi Riyals (SR).

  • Securities Compliance The Company shall notify the Commission in accordance with its rules and regulations, of the transactions contemplated by any of the Transaction Documents and shall take all other necessary action and proceedings as may be required and permitted by applicable law, rule and regulation, for the legal and valid issuance of the Securities to the Purchasers, or their respective subsequent holders.

  • OSHA Compliance To the extent applicable to the services to be performed under this Agreement, Contractor represents and warrants, that all articles and services furnished under this Agreement meet or exceed the safety standards established and promulgated under the Federal Occupational Safety and Health Law (Public Law 91-596) and its regulations in effect or proposed as of the date of this Agreement.

  • Compliance Investigations Upon City’s request, Contractor agrees to provide to City, within sixty calendar days, a truthful and complete list of the names of all subcontractors, vendors, and suppliers that Contractor has used in the past five years on any of its contracts that were undertaken within San Diego County, including the total dollar amount paid by Contractor for each subcontract or supply contract. Contractor further agrees to fully cooperate in any investigation conducted by City pursuant to City's Nondiscrimination in Contracting Ordinance. Contractor understands and agrees that violation of this clause shall be considered a material breach of the Contract and may result in Contract termination, debarment, and other sanctions.

  • Public safety compliance The Hirer shall comply with all conditions and regulations made in respect of the premises by the Fire Authority, Local Authority, the Licensing Authority or otherwise, particularly in connection with any event which constitutes regulated entertainment, at which alcohol is sold or provided or which is attended by children. (a) The Hirer acknowledges that they have received information in the following matters: (b) In advance of an entertainment or play the Hirer shall check the following items:

  • Environmental Compliance and Reports Borrower shall comply in all respects with any and all Environmental Laws; not cause or permit to exist, as a result of an intentional or unintentional action or omission on Borrower’s part or on the part of any third party, on property owned and/or occupied by Borrower, any environmental activity where damage may result to the environment, unless such environmental activity is pursuant to and in compliance with the conditions of a permit issued by the appropriate federal, state or local governmental authorities; shall furnish to Lender promptly and in any event within thirty (30) days after receipt thereof a copy of any notice, summons, lien, citation, directive, letter or other communication from any governmental agency or instrumentality concerning any intentional or unintentional action or omission on Borrower’s part in connection with any environmental activity whether or not there is damage to the environment and/or other natural resources. Additional Assurances. Make, execute and deliver to Lender such promissory notes, mortgages, deeds of trust, security agreements, assignments, financing statements, instruments, documents and other agreements as Lender or its attorneys may reasonably request to evidence and secure the Loans and to perfect all Security Interests.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!