Audit Controls a. System Security Review. CONTRACTOR must ensure audit control mechanisms that record and examine system activity are in place. All systems processing and/or storing PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY must have at least an annual system risk assessment/security review which provides assurance that administrative, physical, and technical controls are functioning effectively and providing adequate levels of protection. Reviews should include vulnerability scanning tools.
Access Controls The system providing access to PHI COUNTY discloses to 20 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY 21 must use role based access controls for all user authentications, enforcing the principle of least privilege.
Accounting Controls The Company and its Subsidiaries maintain systems of “internal control over financial reporting” (as defined under Rules 13a-15 and 15d-15 under the Exchange Act Regulations) that comply with the requirements of the Exchange Act and have been designed by, or under the supervision of, their respective principal executive and principal financial officers, or persons performing similar functions, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with GAAP, including, but not limited to, internal accounting controls sufficient to provide reasonable assurance that (i) transactions are executed in accordance with management’s general or specific authorizations; (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with GAAP and to maintain asset accountability; (iii) access to assets is permitted only in accordance with management’s general or specific authorization; and (iv) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences. Except as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the Company is not aware of any material weaknesses in its internal controls. The Company’s auditors and the Audit Committee of the Board of Directors of the Company have been advised of: (i) all significant deficiencies and material weaknesses in the design or operation of internal controls over financial reporting which are known to the Company’s management and that have adversely affected or are reasonably likely to adversely affect the Company’ ability to record, process, summarize and report financial information; and (ii) any fraud known to the Company’s management, whether or not material, that involves management or other employees who have a significant role in the Company’s internal controls over financial reporting.
Xxxxxxxx-Xxxxx; Internal Accounting Controls The Company and the Subsidiaries are in compliance with any and all applicable requirements of the Xxxxxxxx-Xxxxx Act of 2002 that are effective as of the date hereof, and any and all applicable rules and regulations promulgated by the Commission thereunder that are effective as of the date hereof and as of the Closing Date. The Company and the Subsidiaries maintain a system of internal accounting controls sufficient to provide reasonable assurance that: (i) transactions are executed in accordance with management’s general or specific authorizations, (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with GAAP and to maintain asset accountability, (iii) access to assets is permitted only in accordance with management’s general or specific authorization, and (iv) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences. The Company and the Subsidiaries have established disclosure controls and procedures (as defined in Exchange Act Rules 13a-15(e) and 15d-15(e)) for the Company and the Subsidiaries and designed such disclosure controls and procedures to ensure that information required to be disclosed by the Company in the reports it files or submits under the Exchange Act is recorded, processed, summarized and reported, within the time periods specified in the Commission’s rules and forms. The Company’s certifying officers have evaluated the effectiveness of the disclosure controls and procedures of the Company and the Subsidiaries as of the end of the period covered by the most recently filed periodic report under the Exchange Act (such date, the “Evaluation Date”). The Company presented in its most recently filed periodic report under the Exchange Act the conclusions of the certifying officers about the effectiveness of the disclosure controls and procedures based on their evaluations as of the Evaluation Date. Since the Evaluation Date, there have been no changes in the internal control over financial reporting (as such term is defined in the Exchange Act) of the Company and its Subsidiaries that have materially affected, or is reasonably likely to materially affect, the internal control over financial reporting of the Company and its Subsidiaries.
Sxxxxxxx-Xxxxx; Internal Accounting Controls The Company and the Subsidiaries are in compliance with any and all applicable requirements of the Sxxxxxxx-Xxxxx Act of 2002 that are effective as of the date hereof, and any and all applicable rules and regulations promulgated by the Commission thereunder that are effective as of the date hereof and as of the Closing Date. The Company and the Subsidiaries maintain a system of internal accounting controls sufficient to provide reasonable assurance that: (i) transactions are executed in accordance with management’s general or specific authorizations, (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with GAAP and to maintain asset accountability, (iii) access to assets is permitted only in accordance with management’s general or specific authorization, and (iv) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences. The Company and the Subsidiaries have established disclosure controls and procedures (as defined in Exchange Act Rules 13a-15(e) and 15d-15(e)) for the Company and the Subsidiaries and designed such disclosure controls and procedures to ensure that information required to be disclosed by the Company in the reports it files or submits under the Exchange Act is recorded, processed, summarized and reported, within the time periods specified in the Commission’s rules and forms. The Company’s certifying officers have evaluated the effectiveness of the disclosure controls and procedures of the Company and the Subsidiaries as of the end of the period covered by the most recently filed periodic report under the Exchange Act (such date, the “Evaluation Date”). The Company presented in its most recently filed periodic report under the Exchange Act the conclusions of the certifying officers about the effectiveness of the disclosure controls and procedures based on their evaluations as of the Evaluation Date. Since the Evaluation Date, there have been no changes in the internal control over financial reporting (as such term is defined in the Exchange Act) of the Company and its Subsidiaries that have materially affected, or is reasonably likely to materially affect, the internal control over financial reporting of the Company and its Subsidiaries.
Administrative Controls The Contractor must have the following controls in place:
a. A documented security policy governing the secure use of its computer network and systems, and which defines sanctions that may be applied to Contractor staff for violating that policy.
b. If the Data shared under this agreement is classified as Category 4, the Contractor must be aware of and compliant with the applicable legal or regulatory requirements for that Category 4 Data.
c. If Confidential Information shared under this agreement is classified as Category 4, the Contractor must have a documented risk assessment for the system(s) housing the Category 4 Data.
Human and Financial Resources to Implement Safeguards Requirements The Borrower shall make available necessary budgetary and human resources to fully implement the EMP and the RP.
Internal Accounting and Disclosure Controls The Company and each of its Subsidiaries maintains internal control over financial reporting (as such term is defined in Rule 13a-15(f) under the 0000 Xxx) that is effective to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles, including that (i) transactions are executed in accordance with management’s general or specific authorizations, (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with generally accepted accounting principles and to maintain asset and liability accountability, (iii) access to assets or incurrence of liabilities is permitted only in accordance with management’s general or specific authorization and (iv) the recorded accountability for assets and liabilities is compared with the existing assets and liabilities at reasonable intervals and appropriate action is taken with respect to any difference. The Company maintains disclosure controls and procedures (as such term is defined in Rule 13a-15(e) under the 0000 Xxx) that are effective in ensuring that information required to be disclosed by the Company in the reports that it files or submits under the 1934 Act is recorded, processed, summarized and reported, within the time periods specified in the rules and forms of the SEC, including, without limitation, controls and procedures designed to ensure that information required to be disclosed by the Company in the reports that it files or submits under the 1934 Act is accumulated and communicated to the Company’s management, including its principal executive officer or officers and its principal financial officer or officers, as appropriate, to allow timely decisions regarding required disclosure. Neither the Company nor any of its Subsidiaries has received any notice or correspondence from any accountant or other Person relating to any potential material weakness or significant deficiency in any part of the internal controls over financial reporting of the Company or any of its Subsidiaries.
Internal Accounting Controls The Company and each of its subsidiaries maintain a system of internal accounting controls sufficient to provide reasonable assurance that (i) transactions are executed in accordance with management's general or specific authorizations, (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with generally accepted accounting principles and to maintain asset accountability, (iii) access to assets is permitted only in accordance with management's general or specific authorization and (iv) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences.
Xxxxxxxx-Xxxxx; Disclosure Controls The Company is in compliance in all material respects with all of the provisions of the Xxxxxxxx-Xxxxx Act of 2002 which are applicable to it. The Company maintains disclosure controls and procedures (as such term is defined in Rule 13a-15(e) and 15d-15(e) under the Exchange Act), and such disclosure controls and procedures are effective.
