Quality Management System Supplier hereby undertakes, warrants and confirms, and will ensue same for its subcontractors, to remain certified in accordance with ISO 9001 standard or equivalent. At any time during the term of this Agreement, the Supplier shall, if so instructed by ISR, provide evidence of such certifications. In any event, Supplier must notify ISR, in writing, in the event said certification is suspended and/or canceled and/or not continued.
Financial Management System Subrecipient shall establish and maintain a sound financial management system, based upon generally accepted accounting principles. Contractor’s system shall provide fiscal control and accounting procedures that will include the following:
Security System The site and the Work area may be protected by limited access security systems. An initial access code number will be issued to the Contractor by the County. Thereafter, all costs for changing the access code due to changes in personnel or required substitution of contracts shall be paid by the Contractor and may be deducted from payments due or to become due to the Contractor. Furthermore, any alarms originating from the Contractor’s operations shall also be paid by the Contractor and may be deducted from payments due or to become due to the Contractor.
Patch Management All workstations, laptops and other systems that process and/or 20 store PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or 21 transmits on behalf of COUNTY must have critical security patches applied, with system reboot if 22 necessary. There must be a documented patch management process which determines installation 23 timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable 24 patches must be installed within thirty (30) calendar or business days of vendor release. Applications 25 and systems that cannot be patched due to operational reasons must have compensatory controls 26 implemented to minimize risk, where possible.
Access Management The Engineer shall coordinate and evaluate access management within the project limits in accordance with the latest State Access Management Manual or as directed by the State.
