Common use of Security Policy for Contractors Clause in Contracts

Security Policy for Contractors. 1. The Department for Work and Pensions treats its information as a valuable asset and considers that it is essential that information must be protected, together with the systems, equipment and processes which support its use. These information assets may include data, text, drawings, diagrams, images or sounds in electronic, magnetic, optical or tangible media, together with any Personal Data for which the Department for Work and Pensions is the Data Controller. 2. In order to protect Departmental information appropriately, our Contractors must provide the security measures and safeguards appropriate to the nature and use of the information. All Contractors of services to the Department for Work and Pensions must comply, and be able to demonstrate compliance, with the Department’s relevant policies and standards. 3. The Chief Executive or other suitable senior official of each supplier must agree in writing to comply with these policies and standards. Each Contractor must also appoint a named officer who will act as a first point of contact with the Department for security issues. In addition all staff working for the Contractor and where relevant Sub-contractors, with access to Departmental IT Systems, Services or Departmental information must be made aware of these requirements and must comply with them. 4. All Contractors must comply with the relevant DWP Security standards and policies. The Standards are based on andfollow the same format as International Standard 27001, but with specific reference to the Department’s use. 5. The following are key requirements and all Contractors must comply with relevant DWP policies concerning:

Security Policy for Contractors. 1. The Department for Work and Pensions treats its information as a valuable asset and considers that it is essential that information must be protected, together with the systems, equipment and processes which support its use. These information assets may include data, text, drawings, diagrams, images or sounds in electronic, magnetic, optical or tangible media, together with any Personal Data for which the Department for Work and Pensions is the Data Controller. 2. In order to protect Departmental information appropriately, our Contractors must provide the security measures and safeguards appropriate to the nature and use of the information. All Contractors of services to the Department for Work and Pensions must comply, and be able to demonstrate compliance, with the Department’s relevant policies and standards. 3. The Chief Executive or other suitable senior official of each supplier must agree in writing to comply with these policies and standards. Each Contractor must also appoint a named officer who will act as a first point of contact with the Department for security issues. In addition all staff working for the Contractor and where relevant Sub-contractors, with access to Departmental IT Systems, Services or Departmental information must be made aware of these requirements and must comply with them. 4. All Contractors must comply with the relevant Standards from the DWP Information Systems Security standards and policiesStandards. The Standards are based on andfollow and follow the same format as International Standard 27001, but with specific reference to the Department’s use. 5. The following are key requirements and all Contractors must comply with relevant DWP policies concerning:

Security Policy for Contractors. 1. The Department for Work and Pensions treats its information as a valuable asset and considers that it is essential that information must be protected, together with the systems, equipment and processes which support its use. These information assets may include data, text, drawings, diagrams, images or sounds in electronic, magnetic, optical or tangible media, together with any Personal Data for which the Department for Work and Pensions is the Data Controller. 2. In order to protect Departmental information appropriately, our Contractors must provide the security measures and safeguards appropriate to the nature and use of the information. All Contractors of services to the Department for Work and Pensions must comply, and be able to demonstrate compliance, with the Department’s relevant policies and standards. 3. The Chief Executive or other suitable senior official of each supplier must agree in writing to comply with these policies and standards. Each Contractor must also appoint a named officer who will act as a first point of contact with the Department for security issues. In addition all staff working for the Contractor and where relevant Sub-contractors, with access to Departmental IT Systems, Services or Departmental information must be made aware of these requirements and must comply with them. 4. All Contractors must comply with the relevant DWP Security standards and policies. The Standards are based on andfollow and follow the same format as International Standard 27001, but with specific reference to the Department’s use. 5. The following are key requirements and all Contractors must comply with relevant DWP policies concerning:

Security Policy for Contractors. 1. The Department for Work and Pensions treats its information as a valuable asset and considers that it is essential that information must be protected, together with the systems, equipment and processes which support its use. These information assets may include data, text, drawings, diagrams, images or sounds in electronic, magnetic, optical or tangible media, together with any Personal Data for which the Department for Work and Pensions is the Data Controller. 2. In order to protect Departmental information appropriately, our Contractors must provide the security measures and safeguards appropriate to the nature and use of the information. All Contractors of services to the Department for Work and Pensions must comply, and be able to demonstrate compliance, with the Department’s relevant policies and standards. 3. The Chief Executive or other suitable senior official of each supplier must agree in writing to comply with these policies and standards. Each Contractor must also appoint a named officer who will act as a first point of contact with the Department for security issues. In addition all staff working for the Contractor and where relevant Sub-contractors, with access to Departmental IT Systems, Services or Departmental information must be made aware of these requirements and must comply with them. 4. All Contractors must comply with the relevant Standards from the DWP Information Systems Security standards and policiesStandards. The Standards are based on andfollow and follow the same format as International Standard 27001, but with specific reference to the Department’s use. 5. The following are key requirements and all Contractors must comply with relevant DWP policies concerning:

Security Policy for Contractors. 1. The Department for Work and Pensions treats its information as a valuable asset and considers that it is essential that information must be protected, together with the systems, equipment and processes which support its use. These information assets may include data, text, drawings, diagrams, images or sounds in electronic, magnetic, optical or tangible media, together with any Personal Data for which the Department for Work and Pensions is the Data Controller. 2. In order to protect Departmental information appropriately, our Contractors must provide the security measures and safeguards appropriate to the nature and use of the information. All Contractors of services to the Department for Work and Pensions must comply, and be able to demonstrate compliance, with the Department’s relevant policies and standards. 3. The Chief Executive or other suitable senior official of each supplier must agree in writing to comply with these policies and standards. Each Contractor must also appoint a named officer who will act as a first point of contact with the Department for security issues. In addition all staff working for the Contractor and where relevant Sub-contractors, with access to Departmental IT Systems, Services or Departmental information must be made aware of these requirements and must comply with them. 4. All Contractors must comply with the relevant DWP Security standards and policies. The Standards are based on andfollow and follow the same format as International Standard 27001, but with specific reference to the Department’s use. 5. The following are key requirements and all Contractors must comply with relevant DWP policies concerning: