Security Management The Contractor shall comply with the requirements of the DOD 5200.1-M and the DD Form 254. Security of the Contractor’s electronic media shall be in accordance with the above documents. Effective Program Security shall require the Contractor to address Information Security and Operations Security enabled by the Security Classification Guides. The Contractor’s facility must be able to handle and store material up to the Classification Level as referenced in Attachment J-01, DD Form 254.
SECURITY PROCESSES If requested by an Authorized User as part the Request for Quote process, Contractor shall complete a Consensus Assessment Initiative Questionnaire (CAIQ) including on an annual basis thereafter, if requested by the Authorized User. The CAIQ is available at Cloud Security Alliance (xxxxx://xxxxxxxxxxxxxxxxxxxxx.xxx/). The CAIQ may be used to assist the Authorized User in building the necessary assessment processes when engaging with Contractors. In addition to a request for a CAIQ, Contractor shall cooperate with all reasonable Authorized User requests for a Written description of Contractor’s physical/virtual security and/or internal control processes. The Authorized User shall have the right to reject any Contractor’s RFQ response or terminate an Authorized User Agreement when such a request has been denied. For example, Federal, State and local regulations and/or laws may require that Contractors operate within the Authorized User’s regulatory environment. In order to ensure that security is adequate and free of gaps in control coverage, the Authorized User may require information from the Contractor’s Service Organization Controls (SOC) audit report.
Patch Management All workstations, laptops and other systems that process and/or 20 store PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or 21 transmits on behalf of COUNTY must have critical security patches applied, with system reboot if 22 necessary. There must be a documented patch management process which determines installation 23 timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable 24 patches must be installed within thirty (30) calendar or business days of vendor release. Applications 25 and systems that cannot be patched due to operational reasons must have compensatory controls 26 implemented to minimize risk, where possible.
Procurement and Property Management Standards The parties to this Agreement shall adhere to the procurement and property management standards established in 2 CFR 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards, and to the Texas Uniform Grant Management Standards. The State must pre-approve the Local Government’s procurement procedures for purchases to be eligible for state or federal funds.
Project Management Services Contractor shall provide business analysis and project management services necessary to ensure technical projects successfully meet the objectives for which they were undertaken. Following are characteristics of this Service:
STATEWIDE CONTRACT MANAGEMENT SYSTEM If the maximum amount payable to Contractor under this Contract is $100,000 or greater, either on the Effective Date or at any time thereafter, this section shall apply. Contractor agrees to be governed by and comply with the provisions of §§00-000-000, 00-000-000, 00-000-000, and 00- 000-000, C.R.S. regarding the monitoring of vendor performance and the reporting of contract information in the State’s contract management system (“Contract Management System” or “CMS”). Contractor’s performance shall be subject to evaluation and review in accordance with the terms and conditions of this Contract, Colorado statutes governing CMS, and State Fiscal Rules and State Controller policies.
Program Management 1.1.01 Implement and operate an Immunization Program as a Responsible Entity
Supervisory Control and Data Acquisition (SCADA) Capability The wind plant shall provide SCADA capability to transmit data and receive instructions from the ISO and/or the Connecting Transmission Owner for the Transmission District to which the wind generating plant will be interconnected, as applicable, to protect system reliability. The Connecting Transmission Owner for the Transmission District to which the wind generating plant will be interconnected and the wind plant Developer shall determine what SCADA information is essential for the proposed wind plant, taking into account the size of the plant and its characteristics, location, and importance in maintaining generation resource adequacy and transmission system reliability in its area.
Operator’s Security Contact Information Xxxxxxx X. Xxxxxxx Named Security Contact xxxxxxxx@xxxxxxxxx.xxx Email of Security Contact (000) 000-0000 Phone Number of Security Contact
Traffic Management The Customer will not utilize the Services in a manner which, in the view of the Centre Operator, significantly distorts traffic balance on the Centre Operator’s circuits which are shared with other users. If, in the reasonable view of the Centre Operator, the Customer’s traffic patterns cause or may cause such distortion, the Customer should have a dedicated circuit capability. If the Customer declines to do so then the Centre Operator may suspend the Services while the matter is being resolved. If there is no resolution within 5 business days then either party may terminate the Agreement.
