Security of System Files. To protect Supplier Information Processing Systems and system files containing Confidential Information, Supplier will ensure that access to source code is restricted to authorized users who have a direct need to know. Supplier will: (a) Ensure that the integrity of files in the operating environment are maintained and monitored for approved change; (b) Ensure that all systems and software have the latest vendor-supplied security patches; (c) Establish a process to identify newly discovered security vulnerabilities and update system and application standards to address new vulnerability issues; and (d) Ensure internal and external network vulnerability scans are conducted at least quarterly and network and application layer penetration testing at least once a year.
Appears in 4 contracts
Samples: Global Services Agreement, Global Services Agreement, Global Services Agreement