Common use of Principles of Security Clause in Contracts

Principles of Security. 2.1 The CONTRACTOR acknowledges that the CUSTOMER places great emphasis on the confidentiality, integrity and availability of information and consequently on the security provided by the ISMS. 2.2 The CONTRACTOR shall be responsible for the effective performance of the ISMS and shall at all times provide a level of security which: 2.2.1 is in accordance with Good Industry Practice, Law and this Contract; 2.2.2 complies with the Security Policy; 2.2.3 complies with at least the minimum set of security measures and standards as determined by the Security Policy Framework (Tiers 1-4) available from the Cabinet Office Security Policy Division (COSPD); 2.2.4 meets any specific security threats to the ISMS; 2.2.5 complies with ISO/IEC27001 and ISO/IEC27002 in accordance with paragraph 5 of this Schedule; 2.2.6 complies with the security requirements as set out in Schedule 2-2; and 2.2.7 complies with the CUSTOMER’s ICT standards. 2.3 Subject to Clause 16.3 of this Contract, the references to standards, guidance and policies set out in paragraph 2.2 of this Schedule shall be deemed to be references to such items as developed and updated and to any successor to or replacement for such standards, guidance and policies, from time to time. 2.4 In the event of any inconsistency in the provisions of the above standards, guidance and policies, the CONTRACTOR should notify the CUSTOMER's CITHS Contract Manager of such inconsistency immediately upon becoming aware of the same, and the CUSTOMER's CITHS Contract Manager shall, as soon as practicable, advise the CONTRACTOR which provision the CONTRACTOR shall be required to comply with.

Principles of Security. 2.1 The CONTRACTOR acknowledges that the CUSTOMER places great emphasis on the confidentiality, integrity and availability of information and consequently on the security provided by the ISMS. 2.2 The CONTRACTOR shall be responsible for the effective performance of the ISMS and shall at all times provide a level of security which: 2.2.1 is in accordance with Good Industry Practice, Law and this Contract; 2.2.2 complies with the Security Policy; 2.2.3 complies with at least the minimum set of security measures and standards as determined by the Security Policy Framework (Tiers 1-4) available from the Cabinet Office Security Policy Division (COSPD); 2.2.4 meets any specific security threats to the ISMS; 2.2.5 complies with ISO/IEC27001 and ISO/IEC27002 in accordance with paragraph 5 of this Schedule; 2.2.6 complies with the security requirements as set out in Schedule 2-2; and 2.2.7 complies with the CUSTOMER’s ICT standards. 2.3 Subject to Clause 16.3 15.3 of this Contract, the references to standards, guidance and policies set out in paragraph 2.2 of this Schedule shall be deemed to be references to such items as developed and updated and to any successor to or replacement for such standards, guidance and policies, from time to time. 2.4 In the event of any inconsistency in the provisions of the above standards, guidance and policies, the CONTRACTOR should notify the CUSTOMER's CITHS Contract Manager of such inconsistency immediately upon becoming aware of the same, and the CUSTOMER's CITHS Contract Manager shall, as soon as practicable, advise the CONTRACTOR which provision the CONTRACTOR shall be required to comply with.

Principles of Security. 2.1 The CONTRACTOR Supplier acknowledges that the CUSTOMER Contracting Body places great emphasis on the confidentiality, integrity and availability of information and consequently on the security provided by the ISMS. 2.2 . The CONTRACTOR Supplier shall be responsible for the effective performance of the ISMS and shall at all times provide a level of security which: 2.2.1 : is in accordance with Good Industry Practice, Law and this Contract; 2.2.2 ; complies with the Security Policy; 2.2.3 ; [complies with at least the minimum set of security measures and standards as determined by the Security Policy Framework (Tiers 1-4) available from the Cabinet Office Security Policy Division (COSPD); 2.2.4 ]; meets any specific security threats to the ISMS; 2.2.5 ; complies with ISO/IEC27001 and ISO/IEC27002 in accordance with paragraph 5 of this Schedule; 2.2.6 schedule; complies with the security requirements Requirements as set out in Schedule 2-2paragraph 2.3 of the Order Form; and 2.2.7 and complies with the CUSTOMERContracting Body’s ICT standards. 2.3 Subject to Clause 16.3 of this Contract, the . The references to standards, guidance and policies set out in paragraph 2.2 of this Schedule shall be deemed to be references to such items as developed and updated and to any successor to or replacement for such standards, guidance and policies, from time to time. 2.4 . In the event of any inconsistency in the provisions of the above standards, guidance and policies, the CONTRACTOR Supplier should notify the CUSTOMERContracting Body's CITHS Contract Manager Representative of such inconsistency immediately upon becoming aware of the same, and the CUSTOMERContracting Body's CITHS Contract Manager Representative shall, as soon as practicable, advise the CONTRACTOR Supplier which provision the CONTRACTOR Supplier shall be required to comply with.

Principles of Security. 2.1 The CONTRACTOR Supplier acknowledges that the CUSTOMER Customer places great emphasis on the confidentiality, integrity and availability of information and consequently on the security provided by the ISMS. 2.2 The CONTRACTOR Supplier shall be responsible for the effective performance of the ISMS and shall at all times provide a level of security which: 2.2.1 is in accordance with Good Industry Practice, Law and this Contract; 2.2.2 complies with the Security Policy; 2.2.3 complies with at least the minimum set of security measures and standards as determined by the Security Policy Framework (Tiers 1-4) available from the Cabinet Office Security Policy Division (COSPD); 2.2.4 meets any specific security threats to the ISMS; 2.2.5 complies with ISO/IEC27001 IEC 27001 and ISO/IEC27002 IEC 27002 in accordance with paragraph 5 4.4 of this Scheduleschedule; 2.2.6 complies with the security requirements as set out in Schedule 2-2paragraph 2.5 of the Order Form; and 2.2.7 complies with the CUSTOMER’s Customer‟s ICT standards. 2.3 Subject to Clause 16.3 of this Contractclause [n/a], the references to standards, guidance and policies set out in paragraph 2.2 of this Schedule 2.1 shall be deemed to be references to such items as developed and updated and to any successor to or replacement for such standards, guidance and policies, from time to time. 2.4 In the event of any inconsistency in the provisions of the above standards, guidance and policies, the CONTRACTOR Supplier should notify the CUSTOMERCustomer's CITHS Contract Manager Representative of such inconsistency immediately upon becoming aware of the same, and the CUSTOMERCustomer's CITHS Contract Manager Representative shall, as soon as practicable, advise the CONTRACTOR Supplier which provision the CONTRACTOR Supplier shall be required to comply with.

Principles of Security. 2.1 57.1 The CONTRACTOR acknowledges that the CUSTOMER places great emphasis on the confidentiality, integrity and availability of information and consequently on the security provided by the ISMS. 2.2 57.2 The CONTRACTOR shall be responsible for the effective performance of the ISMS and shall at all times provide a level of security which: 2.2.1 57.2.1 is in accordance with Good Industry Practice, Law and this Contract; 2.2.2 57.2.2 complies with the Security Policy; 2.2.3 complies with at least the minimum set of security measures and standards as determined by the Security Policy Framework (Tiers 1-4) available from the Cabinet Office Security Policy Division (COSPD); 2.2.4 57.2.3 meets any specific security threats to the ISMS; 2.2.5 57.2.4 complies with ISO/IEC27001 and ISO/IEC27002 in accordance with paragraph 5 of this Schedule; 2.2.6 57.2.5 complies with the security requirements as set out in Schedule 2-2; and 2.2.7 57.2.6 complies with the CUSTOMER’s ICT standards. 2.3 57.3 Subject to Clause 16.3 of this Contract, the references to standards, guidance and policies set out in paragraph 2.2 of this Schedule shall be deemed to be references to such items as developed and updated and to any successor to or replacement for such standards, guidance and policies, from time to time. 2.4 57.4 In the event of any inconsistency in the provisions of the above standards, guidance and policies, the CONTRACTOR should notify the CUSTOMER's CITHS Contract Manager of such inconsistency immediately upon becoming aware of the same, and the CUSTOMER's CITHS Contract Manager shall, as soon as practicable, advise the CONTRACTOR which provision the CONTRACTOR shall be required to comply with.

Principles of Security. 2.1 The CONTRACTOR Supplier acknowledges that the CUSTOMER Customer places great emphasis on the confidentiality, integrity and availability of information and consequently on the security provided by the ISMS. 2.2 . The CONTRACTOR Supplier shall be responsible for the effective performance of the ISMS and shall at all times provide a level of security which: 2.2.1 : is in accordance with Good Industry Practice, Law and this Contract; 2.2.2 ; complies with the Security Policy; 2.2.3 ; complies with at least the minimum set Mandated Requirements 3, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16 and 17 of security measures and standards as determined by the HMG Security Policy Framework (Tiers 1-4) available from the Cabinet Office Security Policy Division (COSPD); 2.2.4 which can be found at xxxx://xxx.xxxxxxxxxxxxx.xxx.xx/resource-library/security-policy-framework; meets any specific security threats to the ISMS; 2.2.5 ; complies with ISO/IEC27001 and ISO/IEC27002 in accordance with paragraph 5 6 of this Schedule; 2.2.6 ; complies with the security requirements as set out in Schedule 2-2paragraph 2.4 of the Order Form; and 2.2.7 and complies with the CUSTOMERCustomer’s ICT standards. 2.3 . Subject to Clause 16.3 of this Contract41, the references to standards, guidance and policies set out in paragraph 2.2 of this Schedule shall be deemed to be references to such items as developed and updated and to any successor to or replacement for such standards, guidance and policies, from time to time. 2.4 . In the event of any inconsistency in the provisions of the above standards, guidance and policies, the CONTRACTOR Supplier should notify the CUSTOMERCustomer's CITHS Contract Manager Representative of such inconsistency immediately upon becoming aware of the same, and the CUSTOMERCustomer's CITHS Contract Manager Representative shall, as soon as practicable, advise the CONTRACTOR Supplier which provision the CONTRACTOR Supplier shall be required to comply with.

Principles of Security. 2.1 2.1. The CONTRACTOR Supplier acknowledges that the CUSTOMER Customer places great emphasis on the confidentiality, integrity and availability of information and consequently on the security provided by the ISMS. 2.2 2.2. The CONTRACTOR Supplier shall be responsible for the effective performance of the ISMS and shall at all times provide a level of security which: 2.2.1 2.2.1. is in accordance with Good Industry Practice, Law and this Contract; 2.2.2 2.2.2. complies with the Security Policy; 2.2.3 2.2.3. [complies with at least the minimum set of security measures and standards as determined by the Security Policy Framework (Tiers 1-4) available from the Cabinet Office Security Policy Division (COSPD)]; 2.2.4 2.2.4. meets any specific security threats to the ISMS; 2.2.5 2.2.5. complies with ISO/IEC27001 and ISO/IEC27002 in accordance with paragraph 5 52 of this Scheduleschedule; 2.2.6 2.2.6. complies with the security requirements as set out in Schedule 2-2paragraph 2.7 of the Order Form; and 2.2.7 2.2.7. complies with the CUSTOMERCustomer’s ICT standards. 2.3 2.3. Subject to Clause 16.3 of this Contractclause [21.1.3], the references to standards, guidance and policies set out in paragraph 2.2 of this Schedule shall be deemed to be references to such items as developed and updated and to any successor to or replacement for such standards, guidance and policies, from time to time. 2.4 2.4. In the event of any inconsistency in the provisions of the above standards, guidance and policies, the CONTRACTOR Supplier should notify the CUSTOMERCustomer's CITHS Contract Manager Representative of such inconsistency immediately upon becoming aware of the same, and the CUSTOMERCustomer's CITHS Contract Manager Representative shall, as soon as practicable, advise the CONTRACTOR Supplier which provision the CONTRACTOR Supplier shall be required to comply with.

Principles of Security. 2.1 The CONTRACTOR acknowledges that the CUSTOMER places great emphasis on the confidentiality, integrity and availability of information and consequently on the security provided by the ISMS. 2.2 The CONTRACTOR shall be responsible for the effective performance of the ISMS and shall at all times provide a level of security which: 2.2.1 is in accordance with Good Industry Practice, Law and this Contract; 2.2.2 complies with the Security Policy; 2.2.3 complies with at least the minimum set of security measures and standards as determined by the Security Policy Framework (Tiers 1-4) available from the Cabinet Office Security Policy Division (COSPD); 2.2.4 meets any specific security threats to the ISMS; 2.2.5 2.2.4 complies with ISO/IEC27001 and ISO/IEC27002 in accordance with paragraph 5 of this Schedule; 2.2.6 2.2.5 complies with the security requirements as set out in Schedule 2-2; and 2.2.7 2.2.6 complies with the CUSTOMER’s ICT standards. 2.3 Subject to Clause 16.3 of this Contract, the references to standards, guidance and policies set out in paragraph 2.2 of this Schedule shall be deemed to be references to such items as developed and updated and to any successor to or replacement for such standards, guidance and policies, from time to time. 2.4 In the event of any inconsistency in the provisions of the above standards, guidance and policies, the CONTRACTOR should notify the CUSTOMER's CITHS Contract Manager of such inconsistency immediately upon becoming aware of the same, and the CUSTOMER's CITHS Contract Manager shall, as soon as practicable, advise the CONTRACTOR which provision the CONTRACTOR shall be required to comply with.

Principles of Security. 2.1 The CONTRACTOR Supplier acknowledges that the CUSTOMER Customer places great emphasis on the confidentiality, integrity and availability of information and consequently on the security provided by the ISMS. 2.2 The CONTRACTOR Supplier shall be responsible for the effective performance of the ISMS and shall at all times provide a level of security which: 2.2.1 is in accordance with Good Industry Practice, Law and this Contract; 2.2.2 complies with the Security Policy; 2.2.3 complies with at least the minimum set of security measures and standards as determined by the Security Policy Framework (Tiers 1-4) available from the Cabinet Office Security Policy Division (COSPD); 2.2.4 meets any specific security threats to the ISMS; 2.2.5 complies with ISO/IEC27001 and ISO/IEC27002 in accordance with paragraph 5 6 of this Schedule; 2.2.6 complies with the security requirements as set out in Schedule 2-2paragraph 2.8 of the Order Form; and 2.2.7 complies with the CUSTOMER’s Customer's ICT standards. 2.3 Subject to Clause 16.3 of this Contract46, the references to standardsStandards, guidance and policies set out in paragraph 2.2 of this Schedule shall be deemed to be references to such items as developed and updated and to any successor to or replacement for such standards, guidance and policies, from time to time. 2.4 In the event of any inconsistency in the provisions of the above standards, guidance and policies, the CONTRACTOR Supplier should notify the CUSTOMERCustomer's CITHS Contract Manager Representative of such inconsistency immediately upon becoming aware of the same, and the CUSTOMERCustomer's CITHS Contract Manager Representative shall, as soon as practicable, advise the CONTRACTOR Supplier which provision the CONTRACTOR Supplier shall be required to comply with.

Principles of Security. 2.1 5.1 The CONTRACTOR Supplier acknowledges that the CUSTOMER Customer places great emphasis on the confidentiality, integrity and availability of information and consequently on the security provided by the ISMS. 2.2 5.2 The CONTRACTOR Supplier shall be responsible for the effective performance of the ISMS and shall at all times provide a level of security which: 2.2.1 5.2.1 is in accordance with Good Industry Practice, Law and this Contract; 2.2.2 5.2.2 complies with the Security Policy; 2.2.3 5.2.3 [complies with at least the minimum set of security measures and standards as determined by the Security Policy Framework (Tiers 1-4) available from the Cabinet Office Security Policy Division (COSPD)]; 2.2.4 5.2.4 meets any specific security threats to the ISMS; 2.2.5 5.2.5 complies with ISO/IEC27001 and ISO/IEC27002 in accordance with paragraph 5 6 of this Schedule; 2.2.6 5.2.6 complies with the security requirements as set out in Schedule 2-2the Letter of Appointment; and 2.2.7 5.2.7 complies with the CUSTOMER’s Customer‟s ICT standards. 2.3 Subject to Clause 16.3 of this Contract, the 5.3 The references to standards, guidance and policies set out in paragraph 2.2 of this Schedule 5.2 shall be deemed to be references to such items as developed and updated and to any successor to or replacement for such standards, guidance and policies, from time to time. 2.4 5.4 In the event of any inconsistency in the provisions of the above standards, guidance and policies, the CONTRACTOR Supplier should notify the CUSTOMERCustomer's CITHS Contract Manager Representative of such inconsistency immediately upon becoming aware of the same, and the CUSTOMERCustomer's CITHS Contract Manager Representative shall, as soon as practicable, advise the CONTRACTOR Supplier which provision the CONTRACTOR Supplier shall be required to comply with.

Principles of Security. 2.1 The CONTRACTOR acknowledges that the CUSTOMER places great emphasis on the confidentiality, integrity and availability of information and consequently on the security provided by described in the ISMSServicenow Security Updates Document. 2.2 The CONTRACTOR shall be responsible for the effective performance of the ISMS and shall at all times provide a level of security which:which is consistent with the standards described in the Servicenow Security Updates Document. 2.2.1 is in accordance with Good Industry Practice, Law and this Contract; 2.2.2 complies with the Security Policy; 2.2.3 complies with at least the minimum set of security measures and standards as determined by the Security Policy Framework (Tiers 1-4) available from the Cabinet Office Security Policy Division (COSPD);ISO/IEC27001 2.2.4 meets any specific security threats to the ISMS; 2.2.5 complies with ISO/IEC27001 and ISO/IEC27002 in accordance with paragraph 5 of this Schedule; 2.2.6 complies with the security requirements as set out in Schedule 2-2; and 2.2.7 2.2.5 complies with the CUSTOMER’s ICT standards. 2.3 Subject to Clause 16.3 of this Contract, the references to standards, guidance and policies set out in paragraph 2.2 of this Schedule shall be deemed to be references to such items as developed and updated and to any successor to or replacement for such standards, guidance and policies, from time to time. 2.4 In the event of any inconsistency in the provisions of the above standards, guidance and policies, the CONTRACTOR should notify the CUSTOMER's CITHS Contract Manager of such inconsistency immediately upon becoming aware of the same, and the CUSTOMER's CITHS Contract Manager shall, as soon as practicable, advise the CONTRACTOR which provision the CONTRACTOR shall be required to comply with.