Human and Financial Resources to Implement Safeguards Requirements The Borrower shall make available necessary budgetary and human resources to fully implement the EMP and the RP.
Description of Vendor Entity and Vendor's Goods & Services If awarded, this description of Vendor and Vendor's goods and services will appear on the TIPS website for customer/public viewing. Technology solutions value-added reseller and installer of all things technology. Please identify the individual who will be primarily responsible for all TIPS matters and inquiries for the duration of the contract. Xxxx Xxxxxxx Primary Contact Title VP of Sales Please enter a valid email address that will definitely reach the Primary Contact. xxxx@xxxxxxxxxx.xxx Numbers only, no symbols or spaces (Ex. 8668398477). The system will auto-populate your entry with commas once submitted which is appropriate and expected (Ex. 8,668,398,477). Please provide the accurate and current phone number where the individual who will be primarily responsible for all TIPS matters and inquiries for the duration of the contract can be reached directly. 0000000000 Numbers only, no symbols or spaces (Ex. 8668398477). The system will auto-populate your entry with commas once submitted which is appropriate and expected (Ex. 8,668,398,477). 0000000000 Numbers only, no symbols or spaces (Ex. 8668398477). The system will auto-populate your entry with commas once submitted which is appropriate and expected (Ex. 8,668,398,477). 0000000000
Security Safeguards Contractor shall store and process District Data in accordance with commercial best practices, including implementing appropriate administrative, physical, and technical safeguards that are no less rigorous than those outlined in SANS Top 20 Security Controls, as amended, to secure such data from unauthorized access, disclosure, alteration, and use. Contractor shall ensure that all such safeguards, including the manner in which District Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with all applicable federal and state data protection and privacy laws, regulations and directives, including without limitation C.R.S. § 00-00-000 et seq., as well as the terms and conditions of this Addendum. Without limiting the foregoing, and unless expressly agreed to the contrary in writing, Contractor warrants that all electronic District Data will be encrypted in transmission and at rest in accordance with NIST Special Publication 800-57, as amended.
CONTRACTOR NAME CHANGE An amendment is required to change the Contractor's name as listed on this Agreement. Upon receipt of legal documentation of the name change the State will process the amendment. Payment of invoices presented with a new name cannot be paid prior to approval of said amendment.
Electronic and Information Resources Accessibility and Security Standards a. Applicability: The following Electronic and Information Resources (“EIR”) requirements apply to the Contract because the Grantee performs services that include EIR that the System Agency's employees are required or permitted to access or members of the public are required or permitted to access. This Section does not apply to incidental uses of EIR in the performance of the Agreement, unless the Parties agree that the EIR will become property of the State of Texas or will be used by HHSC’s clients or recipients after completion of the Agreement. Nothing in this section is intended to prescribe the use of particular designs or technologies or to prevent the use of alternative technologies, provided they result in substantially equivalent or greater access to and use of a Product.
New Hampshire Specific Data Security Requirements The Provider agrees to the following privacy and security standards from “the Minimum Standards for Privacy and Security of Student and Employee Data” from the New Hampshire Department of Education. Specifically, the Provider agrees to:
(1) Limit system access to the types of transactions and functions that authorized users, such as students, parents, and LEA are permitted to execute;
(2) Limit unsuccessful logon attempts;
(3) Employ cryptographic mechanisms to protect the confidentiality of remote access sessions;
(4) Authorize wireless access prior to allowing such connections;
(5) Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity;
(6) Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions;
(7) Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles;
(8) Restrict, disable, or prevent the use of nonessential programs, functions, ports, protocols, and services;
(9) Enforce a minimum password complexity and change of characters when new passwords are created;
(10) Perform maintenance on organizational systems;
(11) Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance;
(12) Ensure equipment removed for off-site maintenance is sanitized of any Student Data in accordance with NIST SP 800-88 Revision 1;
(13) Protect (i.e., physically control and securely store) system media containing Student Data, both paper and digital;
(14) Sanitize or destroy system media containing Student Data in accordance with NIST SP 800-88 Revision 1 before disposal or release for reuse;
(15) Control access to media containing Student Data and maintain accountability for media during transport outside of controlled areas;
(16) Periodically assess the security controls in organizational systems to determine if the controls are effective in their application and develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems;
(17) Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems;
(18) Deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception);
(19) Protect the confidentiality of Student Data at rest;
(20) Identify, report, and correct system flaws in a timely manner;
(21) Provide protection from malicious code (i.e. Antivirus and Antimalware) at designated locations within organizational systems;
(22) Monitor system security alerts and advisories and take action in response; and
(23) Update malicious code protection mechanisms when new releases are available.
Information Technology Enterprise Architecture Requirements If this Contract involves information technology-related products or services, the Contractor agrees that all such products or services are compatible with any of the technology standards found at xxxxx://xxx.xx.xxx/iot/2394.htm that are applicable, including the assistive technology standard. The State may terminate this Contract for default if the terms of this paragraph are breached.
Safeguarding and Protecting Children and Vulnerable Adults The Supplier will comply with all applicable legislation and codes of practice, including, where applicable, all legislation and statutory guidance relevant to the safeguarding and protection of children and vulnerable adults and with the British Council’s Child Protection Policy, as notified to the Supplier and amended from time to time, which the Supplier acknowledges may include submitting to a check by the UK Disclosure & Barring Service (DBS) or the equivalent local service; in addition, the Supplier will ensure that, where it engages any other party to supply any of the Services under this Agreement, that that party will also comply with the same requirements as if they were a party to this Agreement.
Business Continuity and Disaster Recovery Bank shall maintain and update from time to time business continuation and disaster recovery procedures with respect to its global custody business, which are designed, in the event of a significant business disruption affecting Bank, to be sufficient to enable Bank to resume and continue to perform its duties and obligations under this Agreement without undue delay or disruption. Bank shall test the operability of such procedures at least annually. Bank shall enter into and shall maintain in effect at all times during the term of this Agreement reasonable provision for (i) periodic back-up of the computer files and data with respect to Customer and (ii) use of alternative electronic data processing equipment to provide services under this Agreement. Upon reasonable request, Bank shall discuss with Customer any business continuation and disaster recovery procedures of Bank. Bank represents that its business continuation and disaster recovery procedures are appropriate for its business as a global custodian to investment companies registered under the 1940 Act.
COUNTY’S QUALITY ASSURANCE PLAN The County or its agent will evaluate the Contractor’s performance under this Contract on not less than an annual basis. Such evaluation will include assessing the Contractor’s compliance with all Contract terms and conditions and performance standards. Contractor deficiencies which the County determines are severe or continuing and that may place performance of the Contract in jeopardy if not corrected will be reported to the Board of Supervisors. The report will include improvement/corrective action measures taken by the County and the Contractor. If improvement does not occur consistent with the corrective action measures, the County may terminate this Contract or impose other penalties as specified in this Contract.
