Common use of Security Policy for Contractors Clause in Contracts

Security Policy for Contractors. The Department for Work and Pensions treats its information as a valuable asset and considers that it is essential that information must be protected, together with the systems, equipment and processes which support its use. These information assets may include data, text, drawings, diagrams, images or sounds in electronic, magnetic, optical or tangible media, together with any Personal Data for which the Department for Work and Pensions is the Data Controller. In order to protect Departmental information appropriately, our suppliers must provide the security measures and safeguards appropriate to the nature and use of the information. All suppliers of services to the Department for Work and Pensions must comply, and be able to demonstrate compliance, with the Department’s relevant policies and standards. The Chief Executive or other suitable senior official of each supplier must agree in writing to comply with these policies and standards. Each supplier must also appoint a named officer who will act as a first point of contact with the Department for security issues. In addition all staff working for the supplier and where relevant sub-contractors, with access to Departmental IT Systems, Services or Departmental information must be made aware of these requirements and must comply with them. All suppliers must comply with the relevant Standards from the DWP Information Systems Security Standards. The Standards are based on and follow the same format as International Standard 27001, but with specific reference to the Department’s use. The following are key requirements and all suppliers must comply with relevant DWP policies concerning: Personnel Security Staff recruitment in accordance with government requirements for pre-employment checks; Staff training and awareness of Departmental security and any specific contract requirements.

Security Policy for Contractors. The Department for Work and Pensions treats its information as a valuable asset and considers that it is essential that information must be protected, together with the systems, equipment and processes which support its use. These information assets may include data, text, drawings, diagrams, images or sounds in electronic, magnetic, optical or tangible media, together with any Personal Data for which the Department for Work and Pensions is the Data Controller. In order to protect Departmental information appropriately, our suppliers must provide the security measures and safeguards appropriate to the nature and use of the information. All suppliers of services to the Department for Work and Pensions must comply, and be able to demonstrate compliance, with the Department’s relevant policies and standards. The Chief Executive or other suitable senior official of each supplier must agree in writing to comply with these policies and standards. Each supplier must also appoint a named officer who will act as a first point of contact with the Department for security issues. In addition all staff working for the supplier and where relevant sub-sub- contractors, with access to Departmental IT Systems, Services or Departmental information must be made aware of these requirements and must comply with them. All suppliers must comply with the relevant Standards from the DWP Information Systems Security Standards. The Standards are based on and follow the same format as International Standard 27001, but with specific reference to the Department’s use. The following are key requirements and all suppliers must comply with relevant DWP policies concerning: Personnel Security Staff recruitment in accordance with government requirements for pre-pre- employment checks; Staff training and awareness of Departmental security and any specific contract requirements.

Security Policy for Contractors. ‌ The Department for Work and Pensions treats its information as a valuable asset and considers that it is essential that information must be protected, together with the systems, equipment and processes which support its use. These information assets may include data, text, drawings, diagrams, images or sounds in electronic, magnetic, optical or tangible media, together with any Personal Data for which the Department for Work and Pensions is the Data Controller. In order to protect Departmental information appropriately, our suppliers must provide the security measures and safeguards appropriate to the nature and use of the information. All suppliers of services to the Department for Work and Pensions must comply, and be able to demonstrate compliance, with the Department’s relevant policies and standards. The Chief Executive or other suitable senior official of each supplier must agree in writing to comply with these policies and standards. Each supplier must also appoint a named officer who will act as a first point of contact with the Department for security issues. In addition all staff working for the supplier and where relevant sub-sub- contractors, with access to Departmental IT Systems, Services or Departmental information must be made aware of these requirements and must comply with them. All suppliers must comply with the relevant Standards from the DWP Information Systems Security Standards. The Standards are based on and follow the same format as International Standard 27001, but with specific reference to the Department’s use. The following are key requirements and all suppliers must comply with relevant DWP policies concerning: Personnel Security Staff recruitment in accordance with government requirements for pre-pre- employment checks; Staff training and awareness of Departmental security and any specific contract requirements.

Security Policy for Contractors. The Department for Work and Pensions treats its information as a valuable asset and considers that it is essential that information must be protected, together with the systems, equipment and processes which support its use. These information assets may include data, text, drawings, diagrams, images or sounds in electronic, magnetic, optical or tangible media, together with any Personal Data for which the Department for Work and Pensions is the Data Controller. In order to protect Departmental information appropriately, our suppliers must provide the security measures and safeguards appropriate to the nature and use of the information. All suppliers of services to the Department for Work and Pensions must comply, and be able to demonstrate compliance, with the Department’s Department‟s relevant policies and standards. The Chief Executive or other suitable senior official of each supplier must agree in writing to comply with these policies and standards. Each supplier must also appoint a named officer who will act as a first point of contact with the Department for security issues. In addition all staff Staff working for the supplier and where relevant sub-sub- contractors, with access to Departmental IT Systems, Services or Departmental information must be made aware of these requirements and must comply with them. All suppliers must comply with the relevant Standards from the DWP Information Systems Security Standards. The Standards are based on and follow the same format as International Standard 27001, but with specific reference to the Department’s Department‟s use. The following are key requirements and all suppliers must comply with relevant DWP policies concerning: Personnel Security Staff recruitment in accordance with government requirements for pre-pre- employment checks; Staff training and awareness of Departmental security and any specific contract requirements.