We use cookies on our site to analyze traffic, enhance your experience, and provide you with tailored content.
For more information visit our privacy policy.Administrative Controls The Contractor must have the following controls in place: a. A documented security policy governing the secure use of its computer network and systems, and which defines sanctions that may be applied to Contractor staff for violating that policy. b. If the Data shared under this agreement is classified as Category 4, the Contractor must be aware of and compliant with the applicable legal or regulatory requirements for that Category 4 Data. c. If Confidential Information shared under this agreement is classified as Category 4, the Contractor must have a documented risk assessment for the system(s) housing the Category 4 Data.
Access Controls The system providing access to PHI COUNTY discloses to 20 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY 21 must use role based access controls for all user authentications, enforcing the principle of least privilege.
Books and Records; Internal Accounting Controls The records and documents of the Company and its Subsidiaries accurately reflect in all material respects the information relating to the business of the Company and the Subsidiaries, the location and collection of their assets, and the nature of all transactions giving rise to the obligations or accounts receivable of the Company or any Subsidiary. The Company and each of its Subsidiaries maintain a system of internal accounting controls sufficient, in the judgment of the Company's board of directors, to provide reasonable assurance that (i) transactions are executed in accordance with management's general or specific authorizations, (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with generally accepted accounting principles and to maintain asset accountability, (iii) access to assets is permitted only in accordance with management's general or specific authorization and (iv) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate actions are taken with respect to any differences.
Technical Security Controls 35 a. Workstation/Laptop encryption. All workstations and laptops that store PHI COUNTY 36 discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of 37 COUNTY either directly or temporarily must be encrypted using a FIPS 140-2 certified algorithm which 1 is 128bit or higher, such as AES. The encryption solution must be full disk unless approved by the 2 COUNTY.
Security Controls Annually, upon Fund’s reasonable request, DST shall provide Fund’s Chief Information Security Officer or his or her designee with a summary of its corporate information security policy and an opportunity to discuss DST’s information security measures, and a high level and non-confidential summary of any penetration testing related to the provision of in-scope services . DST shall review its Security Policy annually.
Compliance Policies and Procedures To assist the Fund in complying with Rule 38a-1 of the 1940 Act, BBH&Co. represents that it has adopted written policies and procedures reasonably designed to prevent violation of the federal securities laws in fulfilling its obligations under the Agreement and that it has in place a compliance program to monitor its compliance with those policies and procedures. BBH&Co will upon request provide the Fund with information about our compliance program as mutually agreed.
Personal Controls a. Employee Training. All workforce members who assist in the performance of functions or activities on behalf of COUNTY in connection with Agreement, or access or disclose PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, must complete information privacy and security training, at least annually, at CONTRACTOR’s expense. Each workforce member who receives information privacy and security training must sign a certification, indicating the member’s name and the date on which the training was completed. These certifications must be retained for a period of six (6) years following the termination of Agreement.
Management and Control Systems Grantee will: 1. maintain an appropriate contract administration system to ensure that all terms, conditions, and specifications are met during the term of the contract through the completion of the closeout procedures. 2. develop, implement, and maintain financial management and control systems that meet or exceed the requirements of Uniform Statewide Accounting System (UGMS). Those requirements and procedures include, at a minimum, the following: i. Financial planning, including the development of budgets that adequately reflect all functions and resources necessary to carry out authorized activities and the adequate determination of costs; ii. Financial management systems that include accurate accounting records that are accessible and identify the source and application of funds provided under each Contract of this Contract, and original source documentation substantiating that costs are specifically and solely allocable to a Contract and its Contract and are traceable from the transaction to the general ledger; iii. Effective internal and budgetary controls; iv. Comparison of actual costs to budget; determination of reasonableness, allowableness, and allocability of costs; v. Timely and appropriate audits and resolution of any findings; vi. Billing and collection policies; and vii. Mechanism capable of billing and making reasonable efforts to collect from clients and third parties.
Operational Procedures In order to minimize operational problems, it will be necessary for trade information to be supplied in a secure manner by the Subadviser to the Fund’s Service Providers, including: JPMorgan Chase Bank, National Association (the “Custodian”), Virtus Fund Services (the “Fund Administrator”) BNY Mellon Investment Servicing (US) Inc., (the “Sub-Accounting Agent”), any Prime Broker to the Series, and all other Counterparties/Brokers as required. The Subadviser must furnish the Fund’s service providers with required daily information as to executed trades in a format and time-frame agreed to by the Subadviser, Custodian, Fund Administrator, Sub-Accounting Agent and Prime Broker/Counterparties and designated persons of the Fund. Trade information sent to the Custodian, Fund Administrator, Sub-Accounting Agent and Prime Broker/Counterparties must include all necessary data within the required timeframes to allow such parties to perform their obligations to the Series. The Sub-Accounting Agent specifically requires a daily trade blotter with a summary of all trades, in addition to trade feeds, including, if no trades are executed, a report to that effect. Daily information as to executed trades for same-day settlement and future trades must be sent to the Sub-Accounting Agent no later than 4:30 p.m. (Eastern Time) on the day of the trade each day the Fund is open for business. All other executed trades must be delivered to the Sub-Accounting Agent on Trade Date plus 1 by Noon (Eastern Time) to ensure that they are part of the Series’ NAV calculation. (The Subadviser will be responsible for reimbursement to the Fund for any loss caused by the Subadviser’s failure to comply with the requirements of this Schedule A.) On fiscal quarter ends and calendar quarter ends, all trades must be delivered to the Sub-Accounting Agent by 4:30 p.m. (Eastern Time) for inclusion in the financial statements of the Series. The data to be sent to the Sub-Accounting Agent and/or Fund Administrator will be as agreed by the Subadviser, Fund Administrator, Sub-Accounting Agent and designated persons of the Fund and shall include (without limitation) the following:
Books and Record Internal Accounting Controls The books and records of the Company and its subsidiaries accurately reflect in all material respects the information relating to the business of the Company and the subsidiaries, the location and collection of their assets, and the nature of all transactions giving rise to the obligations or accounts receivable of the Company or any subsidiary. The Company and each of its subsidiaries maintain a system of internal accounting controls sufficient, in the judgment of the Company, to provide reasonable assurance that (i) transactions are executed in accordance with management’s general or specific authorizations, (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with GAAP and to maintain asset accountability, (iii) access to assets is permitted only in accordance with management’s general or specific authorization and (iv) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate actions is taken with respect to any differences.