Common use of Security Compliance Clause in Contracts

Security Compliance. Contractor is responsible for establishing an information security program and maintaining physical, technical, administrative, and organizational safeguards that comply with applicable industry standards and guidelines. Contractor shall materially comply with Washington Office of the Chief Information Officer (OCIO) statewide information technology policies 141.10 – Securing Information Technology Assets Standards and 188 - Accessibility, as applicable, for Purchaser and for Contractor’s products implemented by Purchaser. Such policies are located on the OCIO website at: xxxxx://xxxx.xx.xxx//policies.

Security Compliance. Contractor is responsible for establishing an information security program and maintaining physical, technical, administrative, and organizational safeguards safeguards, that comply with applicable with:  Applicable industry standards and guidelines. Contractor shall materially comply with ;  Washington State Office of the Chief Information Officer (OCIO) statewide information technology policies Policy 141.10 – Securing Information Technology Assets Standards located at xxxxx://xxxx.xx.xxx//policies/141-securing-information-technology-assets;  Payment Card Industry Data Security Standards (PCI/DSS); and 188 - Accessibility, as applicable, for Purchaser and for Contractor’s products implemented by Purchaser. Such policies are located on the OCIO website at: xxxxx://xxxx.xx.xxx//policies Payment Application Data Security Standards (PA-DSS).

Security Compliance. Contractor is responsible for establishing an information security program and maintaining physical, technical, administrative, and organizational safeguards safeguards, that comply with with: (a) applicable industry standards and guidelines. Contractor shall materially comply with ; (b) American Institute of Certified Public Accountants (AICPA) System and Organization Controls (SOC) 1; and (c) Washington State Office of the Chief Information Officer (OCIO) statewide information technology policies Policy 141.10 – Securing Information Technology Assets Standards and 188 - Accessibility, as applicable, for Purchaser and for Contractor’s products implemented by Purchaser. Such policies are located on the OCIO website at: xxxxx://xxxx.xx.xxx//policiesat xxxxx://xxxx.xx.xxx/policy/securing- information-technology-assets-standards.

Security Compliance. Contractor is responsible for establishing an information security program and maintaining physical, technical, administrative, and organizational safeguards safeguards, that comply with applicable with: ▪ Applicable industry standards and guidelines. Contractor shall materially comply with ; ▪ Washington State Office of the Chief Information Officer (OCIO) statewide information technology policies Policy 141.10 – Securing Information Technology Assets Standards located at xxxxx://xxxx.xx.xxx//policies/141-securing-information-technology-assets; ▪ Payment Card Industry Data Security Standards (PCI/DSS); and 188 - Accessibility, as applicable, for Purchaser and for Contractor’s products implemented by Purchaser. Such policies are located on the OCIO website at: xxxxx://xxxx.xx.xxx//policies▪ Payment Application Data Security Standards (PA-DSS).