Security Policies IBM maintains privacy and security policies that are communicated to IBM employees. IBM requires privacy and security training to personnel who support IBM data centers. We have an information security team. IBM security policies and standards are reviewed and re-evaluated annually. IBM security incidents are handled in accordance with a comprehensive incident response procedure.
Contractor and Employee Security Precautions The security aspects of working at the Correctional Facility are critical. The following security precautions are part of the site conditions and are a part of this Contract. All persons coming on the site in any way connected with this Work shall be made aware of them, and it is the (General) Contractor’s responsibility to check and enforce them.
Security Protocols Both parties agree to maintain security protocols that meet industry standards in the transfer or transmission of any data, including ensuring that data may only be viewed or accessed by parties legally allowed to do so. Provider shall maintain all data obtained or generated pursuant to the Service Agreement in a secure digital environment and not copy, reproduce, or transmit data obtained pursuant to the Service Agreement, except as necessary to fulfill the purpose of data requests by LEA.
Contractor Personnel Contractor's staff is expected to present a professional appearance. All personnel of the Contractor will be neat, well groomed, properly uniformed in industry standard uniforms and are expected to conduct themselves at all times in a responsible and courteous manner while performing any work under this Agreement and/or whenever they are on District property. The following code of conduct will be adhered to by the Contractor, his agent(s) and/or his employees. If Contractor fails to ensure that its employees or other agents comply with these requirements, then Contractor may be terminated for cause under this Agreement:
A. All employees of the Contractor shall wear a recognizable uniform. No hats will be worn inside the building. All of Contractor’s employees and agents performing work must carry a government-issued photo ID. Contractor’s employees and agents will present ID to District Staff upon request. This provision will be strictly enforced.
B. The use of tobacco or tobacco products on Board property is prohibited by State law.
C. The Contractor will not be permitted to utilize Day Labor or Temporary Workers to provide any services at any District facility. This includes any employees or agents that are hired prior to contract award. Failure to comply with this requirement could result in immediate termination of contract with the Contractor liable for any breach, including liquidated damages for delay damages and/or forfeiture of Performance Bond.
D. The Contractor or employees or agents of the Contractor are not permitted to play loud music, to make unnecessary noises, or to use vulgar or inappropriate language that causes offense to others.
E. The employment of unauthorized or illegal aliens by the Contractor is considered a violation of Section 247A (e) of the Immigration and Naturalization Act. If the Contractor knowingly employs unauthorized aliens, such a violation shall also be cause for termination of this Agreement.
F. Possession of firearms will not be tolerated on Board property. No person who has a firearm in their vehicle will be permitted to park on District property. Any employee of the Contractor found in violation of this policy will be immediately asked to leave, and will not be allowed to return to perform further work without the consent of the District.
G. The Contractor certifies that he/she will not engage in the unlawful manufacture, sale distribution, dispensation, possession, or use of a controlled substance or drug during the performance of the contract and that a drug-free workplace will be provided for the Contractor’s employees or agents during the performance of the contract. The Contractor also certifies that he will secure from any subcontractor who works on the contract, written certification of the same drug free workplace requirements. False certification or violation by failing to carry out requirements of O.C.G.A. § 50-24-3 may cause suspension, termination of contract, or debarment of such bidder Please Note: If any employee or agent of the Contractor or Sub-contractor is found to have brought a firearm on District property, the Contractor or Sub-contractor shall prohibit them from continuing to perform any work on District property. If the Contractor or Sub-contractor fails to do so, then the District may terminate this Agreement for cause as set forth below.
Security Safeguards Contractor shall store and process District Data in accordance with commercial best practices, including implementing appropriate administrative, physical, and technical safeguards that are no less rigorous than those outlined in SANS Top 20 Security Controls, as amended, to secure such data from unauthorized access, disclosure, alteration, and use. Contractor shall ensure that all such safeguards, including the manner in which District Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with all applicable federal and state data protection and privacy laws, regulations and directives, including without limitation C.R.S. § 00-00-000 et seq., as well as the terms and conditions of this Addendum. Without limiting the foregoing, and unless expressly agreed to the contrary in writing, Contractor warrants that all electronic District Data will be encrypted in transmission and at rest in accordance with NIST Special Publication 800-57, as amended.
Technical Safeguards 1. USAC and DSS will process the data matched and any data created by the match under the immediate supervision and control of authorized personnel to protect the confidentiality of the data, so unauthorized persons cannot retrieve any data by computer, remote terminal, or other means.
2. USAC and DSS will strictly limit authorization to these electronic data areas necessary for the authorized user to perform their official duties. All data in transit will be encrypted using algorithms that meet the requirements of the Federal Information Processing Standard (FIPS) Publication 140-2 or 140-3 (when applicable).
3. Authorized system users will be identified by User ID and password, and individually tracked to safeguard against the unauthorized access and use of the system. System logs of all user actions will be saved, tracked and monitored periodically.
4. USAC will transmit data to DSS via encrypted secure file delivery system. For each request, a response will be sent back to USAC to indicate success or failure of transmission.
Personnel Equipment and Material Engineer shall furnish and maintain, at its own expense, quarters for the performance of all Engineering Services, and adequate and sufficient personnel and equipment to perform the Engineering Services as required. All employees of Engineer shall have such knowledge and experience as will enable them to perform the duties assigned to them. Any employee of Engineer who, in the reasonable opinion of County, is incompetent or whose conduct becomes detrimental to the Engineering Services shall immediately be removed from association with the Project when so instructed by County. Engineer certifies that it presently has adequate qualified personnel in its employment for performance of the Engineering Services required under this Contract, or will obtain such personnel from sources other than County. Engineer may not change the Project Manager without prior written consent of County.
Security Practices Dell has implemented corporate information security practices and standards that are designed to safeguard the Dell’s corporate environment and to address: (1) information security; (2) system and asset management; (3) development; and (4) governance. These practices and standards are approved by the Dell CIO and undergo a formal review on an annual basis.
Technical and Organisational Measures (1) Before the commencement of processing, the Supplier shall document the execution of the necessary Technical and Organisational Measures, set out in advance of the awarding of the Order or Contract, specifically with regard to the detailed execution of the contract, and shall present these documented measures to the Client for inspection. Upon acceptance by the Client, the documented measures become the foundation of the contract. Insofar as the inspection/audit by the Client shows the need for amendments, such amendments shall be implemented by mutual agreement.
(2) The Supplier shall establish the security in accordance with Article 28 Paragraph 3 Point c, and Article 32 GDPR in particular in conjunction with Article 5 Paragraph 1, and Paragraph 2 GDPR. The measures to be taken are measures of data security and measures that guarantee a protection level appropriate to the risk concerning confidentiality, integrity, availability and resilience of the systems. The state of the art, implementation costs, the nature, scope and purposes of processing as well as the probability of occurrence and the severity of the risk to the rights and freedoms of natural persons within the meaning of Article 32 Paragraph 1 GDPR must be taken into account. [Details in Appendix 1]
(3) The Technical and Organisational Measures are subject to technical progress and further development. In this respect, it is permissible for the Supplier to implement alternative adequate measures. In so doing, the security level of the defined measures must not be reduced. Substantial changes must be documented.
Contractor Key Personnel The Contractor shall assign a Corporate OASIS SB Program Manager (COPM) and Corporate OASIS SB Contract Manager (COCM) as Contractor Key Personnel to represent the Contractor as primary points-of-contact to resolve issues, perform administrative duties, and other functions that may arise relating to OASIS SB and task orders solicited and awarded under OASIS SB. Additional Key Personnel requirements may be designated by the OCO at the task order level. There is no minimum qualification requirements established for Contractor Key Personnel. Additionally, Contractor Key Personnel do not have to be full-time positions; however, the Contractor Key Personnel are expected to be fully proficient in the performance of their duties. The Contractor shall ensure that the OASIS SB CO has current point-of-contact information for both the COPM and COCM. In the event of a change to Contractor Key Personnel, the Contractor shall notify the OASIS SB CO and provide all Point of Contact information for the new Key Personnel within 5 calendar days of the change. All costs associated with Contractor Key Personnel duties shall be handled in accordance with the Contractor’s standard accounting practices; however, no costs for Contractor Key Personnel may be billed to the OASIS Program Office. Failure of Contractor Key Personnel to effectively and efficiently perform their duties will be construed as conduct detrimental to contract performance and may result in activation of Dormant Status and/or Off-Ramping (See Sections H.16. and H.17.).
