Infrastructure Vulnerability Scanning Supplier will scan its internal environments (e.g., servers, network devices, etc.) related to Deliverables monthly and external environments related to Deliverables weekly. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days.
Benchmarks for Measuring Accessibility For the purposes of this Agreement, the accessibility of online content and functionality will be measured according to the W3C’s Web Content Accessibility Guidelines (WCAG) 2.0 Level AA and the Web Accessibility Initiative Accessible Rich Internet Applications Suite (WAI-ARIA) 1.0 for web content, which are incorporated by reference.
Data Access Control Persons entitled to use data processing systems gain access only to the Personal Data that they have a right to access, and Personal Data must not be read, copied, modified or removed without authorization in the course of processing, use and storage.
Planned Outages Seller shall schedule Planned Outages for the Project in accordance with Good Industry Practices and with the prior written consent of Buyer, which consent may not be unreasonably withheld or conditioned. The Parties acknowledge that in all circumstances, Good Industry Practices shall dictate when Planned Outages should occur. Seller shall notify Buyer of its proposed Planned Outage schedule for the Project for the following calendar year by submitting a written Planned Outage schedule no later than October 1st of each year during the Delivery Term. The Planned Outage schedule is subject to Buyer’s approval, which approval may not be unreasonably withheld or conditioned. Buyer shall promptly respond with its approval or with reasonable modifications to the Planned Outage schedule and Seller shall use its best efforts in accordance with Good Industry Practices to accommodate Xxxxx’s requested modifications. Notwithstanding the submission of the Planned Outage schedule described above, Seller shall also submit a completed Outage Notification Form to Buyer no later than fourteen (14) days prior to each Planned Outage and all appropriate outage information or requests to the CAISO in accordance with the CAISO Tariff. Seller shall contact Buyer with any requested changes to the Planned Outage schedule if Seller believes the Project must be shut down to conduct maintenance that cannot be delayed until the next scheduled Planned Outage consistent with Good Industry Practices. Seller shall not change its Planned Outage schedule without Buyer’s approval, not to be unreasonably withheld or conditioned. Seller shall use its best efforts in accordance with Good Industry Practices not to schedule Planned Outages during the months of July, August, September and October. At Buyer’s request, Seller shall use commercially reasonable efforts to reschedule Planned Outage so that it may deliver Product during CAISO declared or threatened emergency periods. Seller shall not substitute Energy from any other source for the output of the Project during a Planned Outage.
Information Technology Accessibility Standards Any information technology related products or services purchased, used or maintained through this Grant must be compatible with the principles and goals contained in the Electronic and Information Technology Accessibility Standards adopted by the Architectural and Transportation Barriers Compliance Board under Section 508 of the federal Rehabilitation Act of 1973 (29 U.S.C. §794d), as amended. The federal Electronic and Information Technology Accessibility Standards can be found at: xxxx://xxx.xxxxxx-xxxxx.xxx/508.htm.
System Access Control Data processing systems used to provide the Cloud Service must be prevented from being used without authorization.
Geological and archaeological finds It is expressly agreed that mining, geological or archaeological rights do not form part of this Agreement with the Contractor for the Works, and the Contractor hereby acknowledges that it shall not have any mining rights or interest in the underlying minerals, fossils, antiquities, structures or other remnants or things either of particular geological or archaeological interest and that such rights, interest and property on or under the Site shall vest in and belong to the Authority or the concerned Government Instrumentality. The Contractor shall take all reasonable precautions to prevent its workmen or any other person from removing or damaging such interest or property and shall inform the Authority forthwith of the discovery thereof and comply with such instructions as the concerned Government Instrumentality may reasonably give for the removal of such property. For the avoidance of doubt, it is agreed that any reasonable expenses incurred by the Contractor hereunder shall be reimbursed by the Authority. It is also agreed that the Authority shall procure that the instructions hereunder are issued by the concerned Government Instrumentality within a reasonable period.
Network Access Control The VISION Web Site and the Distribution Support Services Web Site (the “DST Web Sites”) are protected through multiple levels of network controls. The first defense is a border router which exists at the boundary between the DST Web Sites and the Internet Service Provider. The border router provides basic protections including anti-spoofing controls. Next is a highly available pair of stateful firewalls that allow only HTTPS traffic destined to the DST Web Sites. The third network control is a highly available pair of load balancers that terminate the HTTPS connections and then forward the traffic on to one of several available web servers. In addition, a second highly available pair of stateful firewalls enforce network controls between the web servers and any back-end application servers. No Internet traffic is allowed directly to the back-end application servers. The DST Web Sites equipment is located and administered at DST’s Winchester data center. Changes to the systems residing on this computer are submitted through the DST change control process. All services and functions within the DST Web Sites are deactivated with the exception of services and functions which support the transfer of files. All ports on the DST Web Sites are disabled, except those ports required to transfer files. All “listeners,” other than listeners required for inbound connections from the load balancers, are deactivated. Directory structures are “hidden” from the user. Services which provide directory information are also deactivated.
Disturbance Analysis Data Exchange The Parties will cooperate with one another and the NYISO in the analysis of disturbances to either the Large Generating Facility or the New York State Transmission System by gathering and providing access to any information relating to any disturbance, including information from disturbance recording equipment, protective relay targets, breaker operations and sequence of events records, and any disturbance information required by Good Utility Practice.
Technical and Organizational Measures The following sections define SAP’s current technical and organizational measures. SAP may change these at any time without notice so long as it maintains a comparable or better level of security. Individual measures may be replaced by new measures that serve the same purpose without diminishing the security level protecting Personal Data.
