Security Management. The Contractor shall comply with the requirements of the DOD 5200.1-M and the DD Form 254. Security of the Contractor’s electronic media shall be in accordance with the above documents. Effective Program Security shall require the Contractor to address Information Security and Operations Security enabled by the Security Classification Guides. The Contractor’s facility must be able to handle and store material up to the Classification Level as referenced in Attachment J-01, DD Form 254.
Security Management a. Security policy and procedures: Processor must document a security policy with regard to the processing of personal data.
Security Management. Within three (3) months after the Effective Date, the CONTRACTOR will prepare and deliver to the CUSTOMER for approval full documentation of the processes listed at paragraphs 8.4.2 and 8.4.3 of this Schedule and to a standard sufficient to achieve ISO 20000 certification. If the documentation is not approved by the CUSTOMER, the CONTRACTOR shall amend it within fifteen (15) Working Days of a notice of non- approval and re-submit to the CUSTOMER for approval. No approval to be given by the CUSTOMER pursuant to this paragraph 8.4.4 may be unreasonably withheld or delayed.
Security Management. Partner maintains a written information security management system (ISMS), in accordance with this Appendix, that includes policies, processes, enforcement and controls governing all storage/processing/transmitting of Personal Data, designed to (a) secure Personal Data against accidental or unlawful loss, access or disclosure; (b) identify reasonable foreseeable and internal risks to security and authorized access to Partner Network, and (c) minimize security risks, including through risk assessment and regular testing. The information security program will include the following measures: Partner actively follows information security trends and developments as well as legal developments with regards to the services provided and especially with regards to Personal Data and uses such insights to maintain its ISMS, as appropriate. To the extent Partner process cardholder or payment data (such as payment or credit cards), Partner will maintain its ISMS in accordance with the PCI DSS standard, augmented to cover Personal Data, or such other alternative standards that are substantially equivalent to PCI DSS for the establishment, implementation, and control of its ISMS. Additionally, Partner will be assessed against PCI DSS annually by an on-site assessment carried out by an independent QSA (Qualified Security Assessor) and upon Company's request, not to exceed once annually, Partner will provide customer with PCI DSS Attestation of Compliance.
Security Management. Ensuring desired levels of protection for Federal systems, data, and related assets are achieved (e.g., identification/authentication, access control, encryption, intrusion detection, verification, digital signature, user management, role/privilege management, audit trail capture/analysis). Collaboration: Communications, messaging, information sharing, scheduling and task management activities (e.g., email, threaded discussions, document library, shared calendaring, task management). Search: Searching, querying, and retrieving data from multiple sources (e.g., precision/recall ranking, classification, pattern matching) Communications: Voice, data, and video communications in multiple formats and protocols (e.g., real time chat, instant messaging, audio/video conferencing, event/news management, community management support, computer/telephony integration, voice communications).
Security Management. All services provided by Planet Payment to Acquirer are subject to the security requirements stipulated in the main body of the Agreement. Planet Payment will treat all security incidents as critical incidents and include all security incidents (if any) in the regular reporting with all critical incidents.
Security Management. The Contractor shall appoint a senior official to act as the Corporate Security Officer. The individual will interface with the OPR-PSU through the COTR on all security matters, to include physical, personnel, and protection of all Government information and data accessed by the Contractor. The COTR and the OPR-PSU shall have the right to inspect the procedures, methods, and facilities utilized by the Contractor in complying with the security requirements under this contract. Should the COTR determine that the Contractor is not complying with the security requirements of this contract, the Contractor will be informed in writing by the Contracting Officer of the proper action to be taken in order to effect compliance with such requirements. The following computer security requirements apply to both Department of Homeland Security (DHS) operations and to the former Immigration and Naturalization Service operations (FINS). These entities are hereafter referred to as the Department.
Security Management. 3.1 The Operator shall operate a security management function in relation to the Operator Systems. This shall include having:
3.1.1 a single named point of contact within the Operator organisation for security management;
3.1.2 board-level responsibility for security within the Operator organisation;
3.1.3 an appropriate process within the Operator for escalation and resolution of security issues;
3.1.4 security specialists with the necessary skills and experience (including risk assessment, technical design, security testing, vulnerability assessment and contingency planning) to fulfil the requirements of this Agreement;
3.1.5 administrators with the necessary skills and experience to perform required security administration activities (including setting up new users, Malicious Software clean-up, data back-up, system monitoring, the investigation of security incidents); and
3.1.6 a person or team responsible for assessing the security implications of new technology or evaluating the opportunities presented by new security products and services.
3.2 The Operator shall implement and maintain a detailed security management process for the Operator systems, which shall be agreed with the Authority during the Implementation Phase.
3.3 The Authority may, on the provision of notice which is reasonable in the circumstances, convene such meetings as it considers necessary to deal with any security-related issues. The Operator shall ensure that the Staff nominated by the Authority are available to attend any such meeting.
3.4 Without prejudice to any obligations of the Operator under the Agreement, the Operator shall provide the Staff with appropriate training on security functions and procedures.
Security Management. Each Party shall comply with its obligations, and shall have the rights provided to it, as set out in Schedule 14 (Security Management).
Security Management. Party B shall be responsible for the security management of the office building. It shall register visitors and patrol within the office building 24 hours a day.
