Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC Xxxxx Cyber-safety Policy, UC Xxxxx Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC Xxxxx computing systems and electronic data.
Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.
(2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program.
(3) DTI shall comply with its Information Security Program.
Security Controls Annually, upon Fund’s reasonable request, DST shall provide Fund’s Chief Information Security Officer or his or her designee with a summary of its corporate information security policy and an opportunity to discuss DST’s information security measures, and a high level and non-confidential summary of any penetration testing related to the provision of in-scope services . DST shall review its Security Policy annually.
Personal Information security breach Supplier/Service Provider’s Obligations
a) The Supplier/Service Provider shall notify the Information Officer of Transnet, in writing as soon as possible after it becomes aware of or suspects any loss, unauthorised access or unlawful use of any personal data and shall, at its own cost, take all necessary remedial steps to mitigate the extent of the loss or compromise of personal data and to restore the integrity of the affected Goods/Services as quickly as is possible. The Supplier/Service Provider shall also be required to provide Transnet with details of the persons affected by the compromise and the nature and extent of the compromise, including details of the identity of the unauthorised person who may have accessed or acquired the personal data.
b) The Supplier/Service Provider shall provide on-going updates on its progress in resolving the compromise at reasonable intervals until such time as the compromise is resolved.
c) Where required, the Supplier/Service Provider may be required to notify the South African Police Service; and/or the State Security Agency and where applicable, the relevant regulator and/or the affected persons of the security breach. Any such notification shall always include sufficient information to allow the persons to take protective measures against the potential consequences of the compromise.
d) The Supplier/Service Provider undertakes to co‑operate in any investigation relating to security which is carried out by or on behalf of Transnet including providing any information or material in its possession or control and implementing new security measures.
Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.
Operator’s Security Contact Information Xxxxxxx X. Xxxxxxx Named Security Contact xxxxxxxx@xxxxxxxxx.xxx Email of Security Contact (000) 000-0000 Phone Number of Security Contact
Information Collection Information collection activities performed under this award are the responsibility of the awardee, and NSF support of the project does not constitute NSF approval of the survey design, questionnaire content or information collection procedures. The awardee shall not represent to respondents that such information is being collected for or in association with the National Science Foundation or any other Government agency without the specific written approval of such information collection plan or device by the Foundation. This requirement, however, is not intended to preclude mention of NSF support of the project in response to an inquiry or acknowledgment of such support in any publication of this information.
Information Regarding Collateral (a) Level 3 and the Borrower will furnish to the Collateral Agent prompt written notice of any change (i) in any Loan Party’s corporate name or in any trade name used to identify it in the conduct of its business or in the ownership of its properties, (ii) in any Loan Party’s identity or corporate structure or (iii) in any Loan Party’s Federal Taxpayer Identification Number. Each of Level 3 and the Borrower agrees not to effect or permit any change referred to in the preceding sentence unless all filings (or arrangements therefor satisfactory to the Collateral Agent) have been made under the Uniform Commercial Code or otherwise that are required in order for the Collateral Agent to continue at all times following such change to have a valid, legal and perfected security interest in all the Collateral. Each of Level 3 and the Borrower also agrees promptly to notify the Collateral Agent if any material portion of the Collateral is damaged or destroyed.
(b) Each year, at the time of delivery of the certificate pursuant to paragraph (c) of Section 5.01, Level 3 shall deliver to the Collateral Agent certificates of an authorized officer of Level 3 (i) setting forth the information required pursuant to (A) the Annual Perfection Certificate and (B) until such time as the Collateral Permit Condition is satisfied with respect to Level 3 LLC, the Annual Loan Proceeds Note Perfection Certificate, or confirming that there has been no change in such information since the dates of the Effective Date Perfection Certificate or the Effective Date Loan Proceeds Note Perfection Certificate, as the case may be, or the date of the most recent certificates delivered pursuant to this Section and (ii) certifying that all Uniform Commercial Code financing statements (excluding fixture filings) or other appropriate filings, recordings or registrations, including all refilings, rerecordings and reregistrations, containing a description of the Collateral required to be set forth therein have been filed of record in each United States governmental, municipal or other appropriate office in each jurisdiction identified pursuant to clause (i) above to the extent necessary to perfect and continue the perfection of the security interests under the applicable Security Documents for a period of not less than 18 months after the date of such certificate (except as noted therein with respect to any continuation statements to be filed within such period).
Compliance Control Services (1) Support reporting to regulatory bodies and support financial statement preparation by making the Fund's accounting records available to the Trust, the Securities and Exchange Commission (the “SEC”), and the independent accountants.
(2) Maintain accounting records according to the 1940 Act and regulations provided thereunder.
(3) Perform its duties hereunder in compliance with all applicable laws and regulations and provide any sub-certifications reasonably requested by the Trust in connection with any certification required of the Trust pursuant to the Xxxxxxxx-Xxxxx Act of 2002 (the “SOX Act”) or any rules or regulations promulgated by the SEC thereunder, provided the same shall not be deemed to change USBFS’s standard of care as set forth herein.
(4) Cooperate with the Trust’s independent accountants and take all reasonable action in the performance of its obligations under this Agreement to ensure that the necessary information is made available to such accountants for the expression of their opinion on the Fund’s financial statements without any qualification as to the scope of their examination.
PERSONAL INFORMATION PRIVACY AND SECURITY CONTRACT 11 Any reference to statutory, regulatory, or contractual language herein shall be to such language as in 12 effect or as amended.
13 A. DEFINITIONS
