Security Policy Framework. The parties agree to enter into a confidential relationship with respect to the disclosure of certain sensitive, proprietary or protected information ("Sensitive Information").
Security Policy Framework. The Supplier shall evidence working towards compliance with SPF minimum mandatory measures (as contained within this clause S3-30) and shall ensure that controls are in place relevant to the BIL of DfE Data before the contract. The Supplier shall record compliance, and evidence of such compliance, with its obligations under this Schedule 7, using a self-assessment checklist (“Self-Assessment Checklist”) satisfactory to DfE and shall make available to DfE an updated Self-Assessment Checklist: (i) on or by the date for the Security Document and Business Continuity Plans to be completed; and (ii) promptly following a change: in the operational requirements of the National Curriculum Tests programme; or to one or more SPF minimum mandatory measures. Each Self-Assessment Checklist shall include details of: whether the Supplier is compliant with each requirement of this clause S3-30 (each, a “Requirement”); evidence supporting the Supplier’s compliance with each Requirement; actions taken by the Supplier to mitigate any non-compliance with each Requirement; the risk caused to the Supplier and DfE due to any non-compliance with each Requirement; and the named person(s) in the Supplier’s organisation who are responsible for ensuring compliance with each Requirement. For the purposes of completing the Self-Assessment Checklist, as at 17 June 2009, the BIL rating of NCT data is BIL3.
Security Policy Framework. The whole SPF is provided for Contractors’ reference, however, Contractors’ should complete the questions highlighted in yellow for submission with their Tender. APPENDIX H
