Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.
SECURITY PROCESSES If requested by an Authorized User as part the Request for Quote process, Contractor shall complete a Consensus Assessment Initiative Questionnaire (CAIQ) including on an annual basis thereafter, if requested by the Authorized User. The CAIQ is available at Cloud Security Alliance (xxxxx://xxxxxxxxxxxxxxxxxxxxx.xxx/). The CAIQ may be used to assist the Authorized User in building the necessary assessment processes when engaging with Contractors. In addition to a request for a CAIQ, Contractor shall cooperate with all reasonable Authorized User requests for a Written description of Contractor’s physical/virtual security and/or internal control processes. The Authorized User shall have the right to reject any Contractor’s RFQ response or terminate an Authorized User Agreement when such a request has been denied. For example, Federal, State and local regulations and/or laws may require that Contractors operate within the Authorized User’s regulatory environment. In order to ensure that security is adequate and free of gaps in control coverage, the Authorized User may require information from the Contractor’s Service Organization Controls (SOC) audit report.
Security Protocols Both parties agree to maintain security protocols that meet industry standards in the transfer or transmission of any data, including ensuring that data may only be viewed or accessed by parties legally allowed to do so. Provider shall maintain all data obtained or generated pursuant to the Service Agreement in a secure digital environment and not copy, reproduce, or transmit data obtained pursuant to the Service Agreement, except as necessary to fulfill the purpose of data requests by LEA.
Security Program Contractor will develop and implement an effective security program for the Project Site, which program shall require the Contractor and subcontractors to take measures for the protection of their tools, materials, equipment, and structures. As between Contractor and Owner, Contractor shall be solely responsible for security against theft of and damage of all tools and equipment of every kind and nature and used in connection with the Work, regardless of by whom owned.
Audits/Inspections Contractor agrees to permit the County’s Auditor-Controller or the Auditor- Controller’s authorized representative (including auditors from a private auditing firm hired by the County) access during normal working hours to all books, accounts, records, reports, files, financial records, supporting documentation, including payroll and accounts payable/receivable records, and other papers or property of Contractor for the purpose of auditing or inspecting any aspect of performance under this Contract. The inspection and/or audit will be confined to those matters connected with the performance of the Contract including, but not limited to, the costs of administering the Contract. The County will provide reasonable notice of such an audit or inspection. The County reserves the right to audit and verify the Contractor’s records before final payment is made. Contractor agrees to maintain such records for possible audit for a minimum of three years after final payment, unless a longer period of records retention is stipulated under this Contract or by law. Contractor agrees to allow interviews of any employees or others who might reasonably have information related to such records. Further, Contractor agrees to include a similar right to the County to audit records and interview staff of any subcontractor related to performance of this Contract. Should the Contractor cease to exist as a legal entity, the Contractor’s records pertaining to this Contract shall be forwarded to the County’s project manager.
OIG INSPECTION, AUDIT, AND REVIEW RIGHTS In addition to any other rights OIG may have by statute, regulation, or contract, OIG or its duly authorized representative(s) may conduct interviews, examine or request copies of Xxxxxx’x books, records, and other documents and supporting materials and/or conduct on-site reviews of any of Xxxxxx’x locations for the purpose of verifying and evaluating: (a) Xxxxxx’x compliance with the terms of this IA and (b) Xxxxxx’x compliance with the requirements of the Federal health care programs. The documentation described above shall be made available by Xxxxxx to OIG or its duly authorized representative(s) at all reasonable times for inspection, audit, and/or reproduction. Furthermore, for purposes of this provision, OIG or its duly authorized representative(s) may interview Xxxxxx and any of Xxxxxx’x employees or contractors who consent to be interviewed at the individual’s place of business during normal business hours or at such other place and time as may be mutually agreed upon between the individual and OIG. Xxxxxx shall assist OIG or its duly authorized representative(s) in contacting and arranging interviews with such individuals upon OIG’s request. Xxxxxx’x employees and contractors may elect to be interviewed with or without a representative of Xxxxxx present.
Solicitations for Subcontractors, Including Procurements of Materials and Equipment In all solicitations either by competitive bidding or negotiation made by the contractor for work to be performed under a subcontract, including procurements of materials or leases of equipment, each potential subcontractor or supplier shall be notified by the contractor of the contractor's obligations under this contract and the Regulations relative to nondiscrimination on the grounds of race, color, or national origin, sex, age, and disability/handicap.
Goods Inspection The Commissioner of DAS, in consultation with the Client Agency, shall determine the manner and prescribe the inspection of all Goods and the tests of all samples submitted to determine whether they comply with all of the specifications in the Contract. If any Goods fail in any way to meet the specifications in the Contract, the Client Agency or the Commissioner of DAS may, in its sole discretion, either reject it and owe nothing or accept it and pay for it on an adjusted price basis, depending on the degree to which the Goods meet the specifications. Any decision pertaining to any such failure or rejection shall be final and binding.
Records Inspection Payor shall keep, and shall require its Permitted Sellers to keep, complete, true and accurate books of accounts and records for the purpose of determining the basis and accuracy of payments to be made under this Agreement. Such records shall be kept in accordance with GAAP, showing Net Sales on country-by-country and Licensed Product-by-Licensed Product basis, and Payor’s or its Permitted Sellers’ usual internal practices and procedures (which shall be commercially reasonable), consistently applied. Such books and records shall be kept for at least [*] ([*]) years following the end of the Calendar Quarter to which they pertain. Such records will be open for inspection by Payee during such five (5) year period by independent accountants reasonably acceptable to Payor, solely for the purpose of verifying the basis and accuracy of amounts in the payment statements hereunder. Such inspections shall be made no more than [*] each Calendar Year, at reasonable time and on reasonable notice and shall be limited to information related to Licensed Products. Results of any such inspection shall be deemed to be Confidential Information of Payor. If any errors in favor of Payor are discovered in the course of such inspection, then within thirty (30) days of written request by Payee, Payor shall pay Payee those amounts that Payee would have received in the absence of such errors, plus interest pursuant to and in accordance with Section 6.1(c). Inspections conducted under this Section 6.5 shall be at the expense of Payee, unless a variation or error in favor of Payor exceeding [*] percent ([*] %) of the amount due for the period covered by the inspection is established in the course of such inspection, whereupon all reasonable, documented costs relating to the inspection for such period will be paid promptly by Payor. In the event of overpayment to Payee, any amount of such overpayment shall be fully creditable against amounts payable for the immediately succeeding Calendar Quarter.
Contractor's care of the Works The Contractor shall bear full risk in, and take full responsibility for, the care of the Works, and of the Materials, goods and equipment for incorporation therein, from the Appointed Date until the date of Completion Certificate, save and except to the extent that any such loss or damage shall have arisen from any wilful default or gross neglect of the Authority.
