Common use of Information Security Clause in Contracts

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdf). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌ 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 26 contracts

Samples: Terms and Conditions, Terms and Conditions, Terms and Conditions

AutoNDA by SimpleDocs

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdf). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products.Products.‌ 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 25 contracts

Samples: Terms and Conditions, Terms and Conditions, Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfDXC-Data & Network Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS.DNSS.‌ 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌ 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 21 contracts

Samples: Terms and Conditions, Terms and Conditions, Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfDXC-Data & Network Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 21 contracts

Samples: Terms and Conditions, Terms and Conditions, Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfDXC-Data & Network Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing.writing.‌ 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌ 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 6 contracts

Samples: Terms and Conditions, Terms and Conditions, Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdf). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 6 contracts

Samples: Terms and Conditions, Terms and Conditions, Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfDXC-Data & Network Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted).Omitted).‌ 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌ 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 5 contracts

Samples: Terms and Conditions, Terms and Conditions, Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdf). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing.writing.‌ 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 5 contracts

Samples: Terms and Conditions, Terms and Conditions, Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdf). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS.DNSS.‌ 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌ 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 3 contracts

Samples: Terms and Conditions, Terms and Conditions, Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdf). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 2 contracts

Samples: Terms and Conditions, Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdf). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS.DNSS.‌ 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products.Products.‌ 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 2 contracts

Samples: Terms and Conditions, Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdf). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products.Products.‌ 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 2 contracts

Samples: Terms and Conditions, Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfDXC-Data & Network Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing.writing.‌ 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 2 contracts

Samples: Terms and Conditions, Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfDXC-Data & Network Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized Capitalized‌ terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 2 contracts

Samples: Terms and Conditions, Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfDXC-Data & Network Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdf). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfDXC-Data & Network Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS.DNSS.‌ 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products.Products.‌ 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfDXC-Data & Network Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS.DNSS.‌ 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌ 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfDXC-Data & Network Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS.DNSS.‌ 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌ 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

AutoNDA by SimpleDocs

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfDXC-Data & Network Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdf)DXC-Data & Network Security Schedule-DNSS. The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted).Omitted).‌ 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌ 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfDXC-Data & Network Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC DSC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing.writing.‌ 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfat:(DXC-Data & Network and Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

Information Security. 11.1 12.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdf). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS.DNSS.‌ 11.2 12.2 (Intentionally Omitted). 11.3 12.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 12.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products.Products.‌ 11.5 12.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 12.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdf). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC DSC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdf). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted).Omitted).‌ 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌ 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdf). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC DSC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌ 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfDXC-Data & Network Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC DSC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌ 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfDXC-Data & Network Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach. 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

Information Security. 11.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data & Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdfDXC-Data & Network Security Schedule-DNSS). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 (Intentionally Omitted). 11.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing.writing.‌ 11.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or Products. 11.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌ 11.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred.

Appears in 1 contract

Samples: Terms and Conditions

Information Security. 11.1 12.1 Supplier shall implement and maintain security measures to protect DXC Data, Services and Products in accordance with the Data Network Security Schedule ("DNSS") as set forth herein on the DXC Supplier Portal at: (xxxx://xxxxxx0.xxx.xxxxxxxxxx/contact_us/downloads/Data_Network_and_Secur ity_Schedule-DNSS.pdf). The DNSS forms part of the Agreement. Capitalized terms not specifically defined in this Agreement or in this section “Information Security”, shall have the meaning set forth in the DNSS. 11.2 12.2 (Intentionally Omitted).Omitted).‌ 11.3 12.3 Supplier shall only Process DXC Data and access information systems to the extent and in a manner necessary to provide the Services, software or Products, in accordance with this Agreement and any SOW, this section “Information Security” and the “DNSS”. Any access to or use of DXC information systems or Processing of DXC Data by or on behalf of Supplier for any other purpose, not explicitly authorized in writing by DXC, shall be deemed a material breach of the Agreement by Supplier. Supplier shall not sell, rent, transfer, distribute, disclose, copy, alter, or remove DXC Data, DXC information system, or Product unless authorized in writing by DXC. Supplier shall ensure all Processing of DXC Data and provisioning of Services and Products complies with all Applicable Laws. If Supplier cannot Process the DXC Data or provide Services or Products in accordance with such Applicable Laws, this Agreement and any SOW, this section “Information Security” and the “DNSS, then Supplier shall immediately notify DXC in writing. 11.4 12.4 Supplier shall develop, implement and maintain a comprehensive information security program with information security industry standard safeguards, such as ISO 27001/2, to protect DXC Data against Security Breach and to provide secure Services or ProductsProduct. 11.5 12.5 All Notifications, whether related to Security Breach, Product security, vulnerability or non-compliance, shall be made to the DXC Security Incident Response and Control Center via (a) email to: XXXXX@xxx.xxx and (b) telephonically to 0 (000) 000 0000 Americas and /or +00 0 0000 0000 000000000 International. Supplier shall use commercially reasonable efforts to provide DXC with notification within 24 hours after Supplier becomes aware of a Security Breach.‌Breach .‌ 11.6 12.6 DXC reserves the right to audit, inspect, and make copies or extracts (“Audit”) of Supplier’s records and processes which evidences Supplier’s performance under, and compliance with, this Agreement (including without limitation and to the extent permitted by applicable laws, all materials pertaining to drug tests and background checks of all personnel and subcontractors assigned to DXC), at any time within 7 days prior notice to Supplier. As applicable, such Audit may also apply to Supplier’s data processing facilities, affiliates, subcontractors and data files as reasonably necessary to confirm Supplier’s compliance with the provisions of this Agreement. Such Audits shall be arranged by discussion with the Supplier and shall be subject to the Supplier’s security policies. Additionally, Supplier will make its employees, officers, and directors available for meetings with DXC or its representatives if DXC has reasonable grounds for believing that the Supplier has not complied with this Agreement. If an Audit reveals that Supplier is in material breach of its obligations under this Agreement, Supplier shall reimburse DXC for all costs of the Audit, including without limitation the costs of any third-party auditors engaged by DXC, the costs of DXC’s internal employee auditors for actual working time and travel expenses incurred...

Appears in 1 contract

Samples: Terms and Conditions

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!