Security and Privacy Assessments Sample Clauses

Security and Privacy Assessments. Vendor shall provide support for assessments of FISMA compliance on an annual routine basis. Security and Privacy assessments may include, but are not limited to, third party assessments to achieve FISMA ATO or to maintain continuous monitoring and ongoing authorization of a Vendor IT system in compliance with the RMF and controls described in NIST SP 800-53 Rev 5. The assessment process may also include security penetration testing to identify additional vulnerabilities through ethical hacking and compliance challenging techniques. Assessments shall include but shall not be limited to: (a) Vendor’s documented and demonstrated internal controls and procedures related to the Services; (b) cooperation with USAC IT Security or Privacy staff in connection with testing the effectiveness of such controls and procedures; (c) making at least quarterly representations to USAC regarding any significant changes to such controls and procedures; (d) documenting and tracking all identified material weaknesses or deficiencies reported by an assessment, penetration test, Cybersecurity Incident or Privacy Incident, or any other deficiency that would prevent USAC from complying with Law, using a Plan of Action and Milestones (POA&M) process; and (e) cooperating with USAC Auditors in connection with the issuance of the reports described in Section 3.20. Vendor shall promptly remediate any weakness identified in any assessment, in no event later than recommended or demanded by the assessors.
AutoNDA by SimpleDocs
Security and Privacy Assessments. Penetration Tests, and Red Team Exercises Test the overall strength of the organization’s defense (the technology, processes, and people) by simulating the objectives and actions of an attacker; as well as, assess and validate the controls, policies, and procedures of the organization’s privacy and personal data protections.
Security and Privacy Assessments. CSG’s security specialists establish security-related expectations and awareness as a key component of protecting informational assets. CSG will work with Customer training, information security, and privacy representatives to assess information security and privacy documentation and systems, and make forward looking recommendations on policy, applications, and platforms. CSG works with Customer staff and system vendors to address the vulnerabilities discovered during vulnerability scans. We review and analyze processes such as configuration management and change management to identify any potential weaknesses that could reduce the effectiveness of the implemented technical solutions.

Related to Security and Privacy Assessments

  • Security and Privacy 3. Security and privacy policies for the Genesys Cloud Service addressing use of Customer Data, which are incorporated by reference, are located at xxxxx://xxxx.xxxxxxxxxxx.xxx/articles/Genesys Cloud-security-compliance/.

  • Data Security and Privacy 12.1 SERVICE PROVIDER acknowledges the importance of Data Security and agrees to adhere to the Terms and Conditions of the Data Security Policy of IIMC.

  • Security and Data Privacy Each party will comply with applicable data privacy laws governing the protection of personal data in relation to their respective obligations under this Agreement. Where Siemens acts as Customer’s processor of personal data provided by Customer, the Data Privacy Terms available at xxxxx://xxx.xxxxxxx.xxx/dpt/sw, including the technical and organizational measures described therein, apply to the use of the relevant Learning Services and are incorporated herein by reference.

  • Security Assessments Upon advance written notice by the JBE, Contractor agrees that the JBE shall have reasonable access to Contractor’s operational documentation, records, logs, and databases that relate to data security and the Contractor’s Information Security Program. Upon the JBE’s request, Contractor shall, at its expense, perform, or cause to have performed an assessment of Contractor’s compliance with its privacy and data security obligations. Contractor shall provide to the JBE the results, including any findings and recommendations made by Contractor’s assessors, of such assessment, and, at its expense, take any corrective actions.

  • Data Security and Privacy Plan As more fully described herein, throughout the term of the Master Agreement, Vendor will have a Data Security and Privacy Plan in place to protect the confidentiality, privacy and security of the Protected Data it receives from the District. Vendor’s Plan for protecting the District’s Protected Data includes, but is not limited to, its agreement to comply with the terms of the District’s Bill of Rights for Data Security and Privacy, a copy of which is set forth below and has been signed by the Vendor. Additional components of Vendor’s Data Security and Privacy Plan for protection of the District’s Protected Data throughout the term of the Master Agreement are as follows:

  • Network Security and Privacy Liability Insurance During the term of this Contract, Supplier will maintain coverage for network security and privacy liability. The coverage may be endorsed on another form of liability coverage or written on a standalone policy. The insurance must cover claims which may arise from failure of Supplier’s security resulting in, but not limited to, computer attacks, unauthorized access, disclosure of not public data – including but not limited to, confidential or private information, transmission of a computer virus, or denial of service. Minimum limits: $2,000,000 per occurrence $2,000,000 annual aggregate Failure of Supplier to maintain the required insurance will constitute a material breach entitling Sourcewell to immediately terminate this Contract for default.

  • Security Assessment If Accenture reasonably determines, or in good faith believes, that Supplier’s security practices or procedures do not meet Supplier’s obligations under the Agreement, then Accenture will notify Supplier of the deficiencies. Supplier will without unreasonable delay: (i) correct such deficiencies at its own expense; (ii) permit Accenture, or its duly authorized representatives, to assess Supplier’s security-related activities that are relevant to the Agreement; and (iii) timely complete a security questionnaire from Accenture on a periodic basis upon Accenture’s request. Security issues identified by Accenture will be assigned risk ratings and an agreed-to timeframe to remediate. Supplier will remediate all the security issues identified within the agreed to timeframes. Upon Supplier’s failure to remediate any high or medium rated security issues within the stated timeframes, Accenture may terminate the Agreement in accordance with Section 8 above.

  • INFORMATION AND PRIVACY You understand and agree that in conjunction with employee training, quality control and the provision of services, we may monitor and/or electronically record cellular transmissions related to the Services, as well as conversations with you or others. Further, you understand that privacy cannot be guaranteed on telephone, cellular network and computer systems, and we shall not be liable to you for any claims, loss, damages or costs which may result from a lack of privacy experienced. You consent to us (i) using information about you and your location (collectively, “information’) to administer services, offer you new products or services, enforce the terms of this Agreement, prevent fraud and respond to regulatory and legal requirements, (ii) response to a subpoena or other such legal process, and (iii) using and sharing aggregate Subscriber information and statistics that do not include information that identifies you personally.

  • Personal Information and Privacy 9.1 We will handle Personal Information in accordance with the Privacy Legislation and our privacy policy available at xxx.xxxxxxxxxxxxxxx.xxx/xx/xxxxxxx-xxxxxx/.

  • DATA PROTECTION AND PRIVACY 14.1 In addition to Supplier’s obligations under Sections 6, 9, 10, and 15, Supplier will comply with this Section 14 when processing Accenture Personal Data. "

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!