Vulnerability Management BNY Mellon will maintain a documented process to identify and remediate security vulnerabilities affecting its systems used to provide the services. BNY Mellon will classify security vulnerabilities using industry recognized standards and conduct continuous monitoring and testing of its networks, hardware and software including regular penetration testing and ethical hack assessments. BNY Mellon will remediate identified security vulnerabilities in accordance with its process.
Infrastructure Vulnerability Scanning Supplier will scan its internal environments (e.g., servers, network devices, etc.) related to Deliverables monthly and external environments related to Deliverables weekly. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days.
Configuration Management The Contractor shall maintain a configuration management program, which shall provide for the administrative and functional systems necessary for configuration identification, control, status accounting and reporting, to ensure configuration identity with the UCEU and associated cables produced by the Contractor. The Contractor shall maintain a Contractor approved Configuration Management Plan that complies with ANSI/EIA-649 2011. Notwithstanding ANSI/EIA-649 2011, the Contractor’s configuration management program shall comply with the VLS Configuration Management Plans, TL130-AD-PLN-010-VLS, and shall comply with the following:
Network Management 60.1 CLEC and CenturyLink will exchange appropriate information (e.g., network information, maintenance contact numbers, escalation procedures, and information required to comply with requirements of law enforcement and national security agencies) for network management purposes. In addition, the Parties will apply sound network management principles to alleviate or to prevent traffic congestion and to minimize fraud associated with third number billed calls, calling card calls, and other services related to this Agreement.
Traffic Management The Customer will not utilize the Services in a manner which, in the view of the Centre Operator, significantly distorts traffic balance on the Centre Operator’s circuits which are shared with other users. If, in the reasonable view of the Centre Operator, the Customer’s traffic patterns cause or may cause such distortion, the Customer should have a dedicated circuit capability. If the Customer declines to do so then the Centre Operator may suspend the Services while the matter is being resolved. If there is no resolution within 5 business days then either party may terminate the Agreement.
Network Maintenance and Management 36.1 The Parties will work cooperatively to implement this Agreement. The Parties will exchange appropriate information (for example, maintenance contact numbers, network information, information required to comply with law enforcement and other security agencies of the Government, escalation processes, etc.) to achieve this desired result.
Security Management The Contractor shall comply with the requirements of the DOD 5200.1-M and the DD Form 254. Security of the Contractor’s electronic media shall be in accordance with the above documents. Effective Program Security shall require the Contractor to address Information Security and Operations Security enabled by the Security Classification Guides. The Contractor’s facility must be able to handle and store material up to the Classification Level as referenced in Attachment J-01, DD Form 254.
Program Management 1.1.01 Implement and operate an Immunization Program as a Responsible Entity
Quality Management Grantee will:
Programme Management The Government will establish a programme management office and the Council will be able to access funding support to participate in the reform process. The Government will provide further guidance on the approach to programme support, central and regional support functions and activities and criteria for determining eligibility for funding support. This guidance will also include the specifics of any information required to progress the reform that may be related to asset quality, asset value, costs, and funding arrangements.
