Security Reviews Clause Samples

Security Reviews. Supplier shall provide Customer the right to an onsite review of Supplier’s security program annually for the entire period that Supplier processes, stores or otherwise has access to Customer Confidential Information and Customer’s client’s Confidential Information. Supplier will promptly (but in no event later than thirty (30) days after receiving Customer’s request to schedule and perform such review) schedule such review for a mutually agreeable date. Supplier shall provide Customer with access to Supplier’s Policies, procedures and other relevant documentation and to Supplier’s Personnel as reasonably necessary to facilitate such reviews. Supplier shall file a remediation plan with Customer within thirty (30) days following the completion of such review, and Supplier shall remediate each such issue in a timely manner in accordance with a remediation schedule agreed to by the parties.

Security Reviews. Complete SOC2 Type II or substantially equivalent reviews in accordance with industry standards, which reviews are subject to review by ASU upon ASU’s request. Currently, no more than two reviews per year are required. Item 4

Security Reviews. The Sheriff will cooperate with the Court Security Director and Court Facilities Manager in conducting periodic court security reviews to determine compliance with physical and procedural security standards and will assist in correcting any deficiencies identified. To the extent possible, the Sheriff will implement the standards set forth in the Model Post Orders document (as applicable) dated March, 2014, and provided by the Courts.

Security Reviews. The Hartford shall regularly test and monitor its Information Security Safeguards and systems and shall conduct periodic reviews to ensure compliance with the requirements set forth herein. At the County’s reasonable request, The Hartford will allow the County to conduct a walk-through during business hours of its facilities that store and process Nonpublic Personal Information to ascertain compliance with The Hartford’s obligations under this Addendum.

Security Reviews. Web application vulnerability assessments must be performed during the applicationdevelopment and the deployment lifecycle. • All 3rd party software included in the application must meet all security requirementsoutlined herein. • Secure interfaces for USER LOGIN and user data input of Personal Data must utilizecertificates signed by a Trusted Certificate Authority (CA) only. Examples: HTTPS / TLS / SSH.

Security Reviews. Supplier shall provide CUSTOMER the right to an onsite review of Supplier’s security program annually for the entire period that Supplier processes, stores or otherwise has access to CUSTOMER Confidential Information and CUSTOMER’s client’s Confidential Information. Supplier will promptly (but in no event later than thirty (30) days after receiving CUSTOMER’s request to schedule and perform such review) schedule such review for a mutually agreeable date. Supplier shall provide CUSTOMER with access to Supplier’s policies, procedures and other relevant documentation and to Supplier’s Personnel as reasonably necessary to facilitate such reviews. Supplier shall file a remediation plan with CUSTOMER within thirty (30) days following the completion of such review, and Supplier shall remediate each such issue in a timely manner in accordance with a remediation schedule agreed to by the parties.

Security Reviews a. Staff Assistance Visits (SAVs), and Security Program Reviews (SPRs), may be conducted by the ISPM. b. The ISPM conducts SPRs, in the following manner: (1) The ISPM will notify and schedule all SPRs. SPRs will be conducted per DOD 5200.1- Ras supplemented and this agreement. A copy of the SPR report will be provided to the visitor group. The visitor group is not required to acknowledge receipt, nor respond unless directed to do so in the report. (2) The visitor group will also be included in the JPO’s own security self- inspection program. JPO will use the self-inspection criteria to monitor the visitor group’s performance and compliance. Document and maintain inspection report as required by DOD 5200.1-R.

Security Reviews. Wiz conducts security reviews for significant changes, such as major new product features or changes that impact Wiz’s security posture, during the design and development process.

Security Reviews. Vendor shall provide Altruist the right to review Vendor’s security controls annually for the entire period that Vendor processes, stores or otherwise has access to Altruist Proprietary Information and/or Client Data. Vendor will use commercially reasonable efforts to promptly (but in no event later than thirty (30) days after receiving Altruist’s request to schedule and perform such review) schedule such review for a mutually agreeable date. Vendor shall provide Altruist with access to Vendor’s policies, procedures and other relevant documentation and to Vendor’s Personnel as reasonably necessary to facilitate such reviews. During such review, Vendor shall provide Altruist with access to independent audit reports (relevant to the products and/or services being provided to Altruist and/or the activities conducted by Vendor pursuant to this Agreement) that have been performed on Vendor, such as an SSAE 16 Type II (SAS 70 Type II) audit or SysTrust certification. If any issues are found during Altruist’s review of Vendor’s security controls, Vendor shall file a remediation plan with Altruist within thirty (30) days following the completion of such review, and Vendor shall remediate each such issue in a timely manner in accordance with a remediation schedule agreed to by the parties.