Response controls Sample Clauses

Response controls. Controls are in place to protect against, and support the detection of, malicious use of assets and malicious software and to report potential incidents to the Provider’s IS function or Service Desk for appropriate action. Controls may include, but are not limited to: information security policies and standards; restricted access; designated development and test environments; virus detection on servers, desktop and notebooks; virus email attachment scanning; system compliance scans; intrusion prevention monitoring and response; firewall rules; logging and alerting on key events; information handling procedures based on data type; e-commerce application and network security; and system and application vulnerability scanning. Additional controls may be implemented based on risk.
AutoNDA by SimpleDocs
Response controls. Controls are in place to protect against, and support the detection of, malicious use of assets and malicious software and to report potential incidents to the Arista’s IS function or Service Desk for appropriate action. Controls may include, but are not limited to: information security policies and standards; restricted access; designated development and test environments; virus detection on servers, desktop and notebooks; virus email attachment scanning; system compliance scans; intrusion prevention monitoring and response; firewall rules; logging and alerting on key events; information handling procedures based on data type; e-commerce application and network security; and system and application vulnerability scanning. Additional controls may be implemented based on risk. Arista shall, to the extent it has control over any electronic transmission or transfer of personal data, take all reasonable steps to ensure that such transmission or transfer cannot be read, copied, altered or removed without proper authority during its transmission or transfer. In particular, Arista shall: 1. implement industry-standard encryption practices in its transmission of personal data, including standard encryption practices from the National Institute of Standards and Technology (NIST). Industry-standard encryption methods used by Arista includes Transport Layer Security (TLS), a secure shell program such as SSH, and/or Internet Protocol Security (IPSec); 2. if technically feasible, encrypt all personal data, including, in particular any sensitive personal data or confidential information, when transmitting or transferring that data over any public network, or over any network not owned and maintained by Arista. The Arista’s policy recognizes that encryption is ineffective unless the encryption key is inaccessible to unauthorized individuals and instructs personnel never to provide an encryption key via the same channel as the encrypted document;
Response controls. Controls are in place to protect against, and support the detection of, malicious use of assets and malicious software and to report potential incidents to the data importer’s IS function or Service Desk for appropriate action. Controls may include, but are not limited to: information security policies and standards; restricted access; designated development and test environments; virus detection on servers, desktop and notebooks; virus email attachment scanning; system compliance scans; intrusion prevention monitoring and response; firewall rules; logging and alerting on key events; information handling procedures based on data type; e-commerce application and network security; and system and application vulnerability scanning. Additional controls may be implemented based on risk. 1. implement industry-standard encryption practices in its transmission of personal data. Industry-standard encryption methods used by data importer includes Secure Sockets Layer (SSL), Transport Layer Security (TLS), a secure shell program such as SSH, and/or Internet Protocol Security (IPSec); 2. if technically feasible, encrypt all personal data, including, in particular any sensitive personal data or confidential information, when transmitting or transferring that data over any public network, or over any network not owned and maintained by data importer. The data importer’s policy recognizes that encryption is ineffective unless the encryption key is inaccessible to unauthorized individuals and instructs personnel never to provide an encryption key via the same channel as the encrypted document;
Response controls. Controls are in place to protect against, and support the detection of, malicious use of assets and malicious software and to report potential incidents to Expel’s IS function or Service Desk for appropriate action. Controls may include, but are not limited to: information security policies and standards; restricted access; designated development and test environments; virus detection on servers, desktop and notebooks; virus email attachment scanning; system compliance scans; intrusion prevention monitoring and response; firewall rules; logging and alerting on key events; information handling procedures based on data type; e-commerce application and network security; and system and application vulnerability scanning. Additional controls may be implemented based on risk. Expel shall, to the extent it has control over any electronic transmission, transfer or storage of personal data, take all reasonable steps to ensure that such data cannot be read, copied, altered or removed without proper authority during its transmission, transfer or storage. In particular, Expel shall:

Related to Response controls

  • Access Controls The system providing access to PHI COUNTY discloses to 20 CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY 21 must use role based access controls for all user authentications, enforcing the principle of least privilege.

  • Controls Each party will maintain commercially reasonable administrative, technical, and physical controls designed to protect data in its possession or under its control from unauthorised access, accidental loss and unauthorised modification. You are responsible for implementing administrative, technical, and physical controls that are appropriate for your business.

  • TIA Controls If any provision of this Indenture limits, qualifies, or conflicts with another provision which is required to be included in this Indenture by the TIA, the required provision shall control.

  • Plan Controls The terms contained in the Plan are incorporated into and made a part of this Agreement and this Agreement shall be governed by and construed in accordance with the Plan. In the event of any actual or alleged conflict between the provisions of the Plan and the provisions of this Agreement, the provisions of the Plan shall be controlling and determinative.

  • Indenture Controls If and to the extent that any provision of the Notes limits, qualifies or conflicts with a provision of this Indenture, such provision of this Indenture shall control.

  • Disclosure Controls The Company and its subsidiaries maintain an effective system of “disclosure controls and procedures” (as defined in Rule 13a-15(e) of the Exchange Act) that complies with the requirements of the Exchange Act and that has been designed to ensure that information required to be disclosed by the Company in reports that it files or submits under the Exchange Act is recorded, processed, summarized and reported within the time periods specified in the Commission’s rules and forms, including controls and procedures designed to ensure that such information is accumulated and communicated to the Company’s management as appropriate to allow timely decisions regarding required disclosure. The Company and its subsidiaries have carried out evaluations of the effectiveness of their disclosure controls and procedures as required by Rule 13a-15 of the Exchange Act.

  • Accounting Controls The Company and its Subsidiaries maintain systems of “internal control over financial reporting” (as defined under Rules 13a-15 and 15d-15 under the Exchange Act Regulations) that comply with the requirements of the Exchange Act and have been designed by, or under the supervision of, their respective principal executive and principal financial officers, or persons performing similar functions, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with GAAP, including, but not limited to, internal accounting controls sufficient to provide reasonable assurance that (i) transactions are executed in accordance with management’s general or specific authorizations; (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with GAAP and to maintain asset accountability; (iii) access to assets is permitted only in accordance with management’s general or specific authorization; and (iv) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences. Except as disclosed in the Registration Statement, the Pricing Disclosure Package and the Prospectus, the Company is not aware of any material weaknesses in its internal controls. The Company’s auditors and the Audit Committee of the Board of Directors of the Company have been advised of: (i) all significant deficiencies and material weaknesses in the design or operation of internal controls over financial reporting which are known to the Company’s management and that have adversely affected or are reasonably likely to adversely affect the Company’ ability to record, process, summarize and report financial information; and (ii) any fraud known to the Company’s management, whether or not material, that involves management or other employees who have a significant role in the Company’s internal controls over financial reporting.

  • Administrative Controls The Contractor must have the following controls in place: a. A documented security policy governing the secure use of its computer network and systems, and which defines sanctions that may be applied to Contractor staff for violating that policy. b. If the Data shared under this agreement is classified as Category 4, the Contractor must be aware of and compliant with the applicable legal or regulatory requirements for that Category 4 Data. c. If Confidential Information shared under this agreement is classified as Category 4, the Contractor must have a documented risk assessment for the system(s) housing the Category 4 Data.

  • Trade Controls DXC and Supplier will comply with all applicable export, import and trade-related laws and regulations of the United States and other nations. To this effect, Supplier warrants that: (i) if necessary and upon DXC’s request, it will provide DXC with technical specifications concerning commodities, software, technology or services covered by this agreement sufficient for DXC to determine the appropriate export and import classification of such items under applicable regulations; (ii) to the best of the Supplier’s knowledge, the Supplier is not listed on any U.S. Government international trade sanctions lists and that Supplier will give immediate notice to DXC in the event that it is so listed; and

  • Personal Controls a. Employee Training. All workforce members who assist in the performance of functions or activities on behalf of COUNTY in connection with Agreement, or access or disclose PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or transmits on behalf of COUNTY, must complete information privacy and security training, at least annually, at CONTRACTOR’s expense. Each workforce member who receives information privacy and security training must sign a certification, indicating the member’s name and the date on which the training was completed. These certifications must be retained for a period of six (6) years following the termination of Agreement.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!