Common use of Security of Suncorp Data Clause in Contracts

Security of Suncorp Data. (a) The Supplier must take reasonable care (including adhering to security procedures notified by Suncorp) of Suncorp Data and with the preservation, installation or handling of it. (b) The Supplier must establish, maintain and enforce information security controls against the unauthorised access, destruction, loss, alteration, disclosure or misuse of Suncorp Data in the possession or control of the Supplier, and its subcontractors. These information security controls must be designed, implemented and tested appropriately having regard to the risk and potential consequences of unauthorised access, destruction, loss, alteration, disclosure or misuse of Suncorp Data. (c) The Supplier must comply with Suncorp’s security procedures that relate to Suncorp Data (as notified and provided by the Suncorp from time time). (d) The Supplier must regularly (and at least once per calendar year) audit and test its technology and information security controls to ensure the design effectiveness and operating effectiveness of the controls, and promptly take steps reasonably required to implement any recommendations arising out of such audits and testing. (e) The Supplier must provide Suncorp and its auditors and professional advisers with details of the information security controls implemented by the Supplier and the results of audits and testing completed under paragraph 11.3(d). The Supplier must cooperate with Suncorp and its auditors and professional advisers in connection with any evaluations, reviews, assurance testing and audits of the design and operating effectiveness of the information security controls of Suncorp and/or its suppliers.

Security of Suncorp Data. (a) The Supplier must take reasonable care (including adhering to security procedures notified by Suncorp) of Suncorp Data and with the preservation, installation or handling of it. (b) The Supplier must establish, maintain and enforce information security controls against the unauthorised access, destruction, loss, alteration, disclosure or misuse of Suncorp Data in the possession or control of controlof the Supplier, and its subcontractors. These information security controls must be designed, implemented and tested appropriately having regard to testedappropriatelyhaving regardto the risk and potential consequences of unauthorised access, destruction, loss, alteration, disclosure or misuse of Suncorp Data. (c) The Supplier must comply with Suncorp’s security procedures that relate to Suncorp Data (as notified and provided by the Suncorp from time time). (d) The Supplier must regularly (and at andat least once per calendar year) audit and test its technology and information security controls to ensure the design effectiveness and operating effectiveness of the controls, and promptly take steps reasonably required to implement any recommendations arising out of such audits and testing. (e) The Supplier must provide Suncorp and its auditors and professional advisers with details of the information security controls implemented by the Supplier and the results of audits and testing completed under paragraph 11.3(d). The Supplier must cooperate with Suncorp and its auditors and professional advisers in connection with any evaluations, reviews, assurance testing and audits of the design and operating effectiveness of the information security controls of Suncorp and/or its suppliers.

Security of Suncorp Data. (a) The Supplier must take reasonable care (including adhering to security procedures notified in writing by Suncorp) of Suncorp Data and with the preservation, installation or handling of it. (b) The Supplier must establish, maintain and enforce information security controls against the unauthorised access, destruction, loss, alteration, disclosure or misuse of Suncorp Data in the possession or control of the Supplier, and its subcontractorsSubcontractors. These information security controls must be designed, implemented and tested appropriately having regard to the risk and potential consequences of unauthorised access, destruction, loss, alteration, disclosure or misuse of Suncorp Data. (c) The Supplier must comply with Suncorp’s security procedures notified in writing that relate to Suncorp Data (as reasonably notified and provided by the Suncorp from time time). (d) The Supplier must regularly (and at least once per calendar year) audit and test its technology and information security controls to ensure the design effectiveness and operating effectiveness of the controls, and promptly take steps reasonably required to implement any recommendations arising out of such audits and testing. (e) The Supplier must provide Suncorp and its auditors and professional advisers with details of the information security controls implemented by the Supplier and the results of audits and testing completed under paragraph 11.3(d). The Supplier must must, on reasonable request by Xxxxxxx, cooperate with Suncorp and its auditors and professional advisers in connection with any evaluations, reviews, assurance testing and audits of the design and operating effectiveness of the information security controls of Suncorp and/or its suppliers.