Security Reviews. Complete SOC2 Type II or substantially equivalent reviews in accordance with industry standards, which reviews are subject to review by ASU upon ASU’s request. Currently, no more than two reviews per year are required. Item 4
Security Reviews. CaminoSoft shall conduct periodic reviews to ensure compliance with the foregoing security requirements. Legato shall have the right to conduct a review to ensure compliance with the foregoing security restrictions, including an interview of the Responsible Manager and inspection the records maintained by CaminoSoft pursuant to subsection 11.6 above, on three (3) Business Days written notice.
Security Reviews. The Sheriff will cooperate with the Court Security Director and Court Facilities Manager in conducting periodic court security reviews to determine compliance with physical and procedural security standards and will assist in correcting any deficiencies identified. To the extent possible, the Sheriff will implement the standards set forth in the Model Post Orders document (as applicable) dated March, 2014, and provided by the Courts.
Security Reviews. The Hartford shall regularly test and monitor its Information Security Safeguards and systems and shall conduct periodic reviews to ensure compliance with the requirements set forth herein. At the County’s reasonable request, The Hartford will allow the County to conduct a walk-through during business hours of its facilities that store and process Nonpublic Personal Information to ascertain compliance with The Hartford’s obligations under this Addendum.
Security Reviews. Web application vulnerability assessments must be performed during the applicationdevelopment and the deployment lifecycle. • All 3rd party software included in the application must meet all security requirementsoutlined herein. • Secure interfaces for USER LOGIN and user data input of Personal Data must utilizecertificates signed by a Trusted Certificate Authority (CA) only. Examples: HTTPS / TLS / SSH.
Security Reviews. Supplier shall provide CUSTOMER the right to an onsite review of Supplier’s security program annually for the entire period that Supplier processes, stores or otherwise has access to CUSTOMER Confidential Information and CUSTOMER’s client’s Confidential Information. Supplier will promptly (but in no event later than thirty (30) days after receiving CUSTOMER’s request to schedule and perform such review) schedule such review for a mutually agreeable date. Supplier shall provide CUSTOMER with access to Supplier’s policies, procedures and other relevant documentation and to Supplier’s Personnel as reasonably necessary to facilitate such reviews. Supplier shall file a remediation plan with CUSTOMER within thirty (30) days following the completion of such review, and Supplier shall remediate each such issue in a timely manner in accordance with a remediation schedule agreed to by the parties.
Security Reviews. Supplier shall provide Customer the right to an onsite review of Supplier’s security program annually for the entire period that Supplier processes, stores or otherwise has access to Customer Confidential Information and Customer’s client’s Confidential Information. Supplier will promptly (but in no event later than thirty (30) days after receiving Customer’s request to schedule and perform such review) schedule such review for a mutually agreeable date. Supplier shall provide Customer with access to Supplier’s Policies, procedures and other relevant documentation and to Supplier’s Personnel as reasonably necessary to facilitate such reviews. Supplier shall file a remediation plan with Customer within thirty (30) days following the completion of such review, and Supplier shall remediate each such issue in a timely manner in accordance with a remediation schedule agreed to by the parties.
Security Reviews a. Staff Assistance Visits (SAVs), and Security Program Reviews (SPRs), may be conducted by the ISPM.
b. The ISPM conducts SPRs, in the following manner:
(1) The ISPM will notify and schedule all SPRs. SPRs will be conducted per DOD 5200.1- Ras supplemented and this agreement. A copy of the SPR report will be provided to the visitor group. The visitor group is not required to acknowledge receipt, nor respond unless directed to do so in the report.
(2) The visitor group will also be included in the JPO’s own security self- inspection program. JPO will use the self-inspection criteria to monitor the visitor group’s performance and compliance. Document and maintain inspection report as required by DOD 5200.1-R.
Security Reviews. Without limiting its other obligations set forth herein, Supplier, at the request of Advanta or to satisfy Card Association Rules, shall cause a security audit of those of its systems that affect Advanta in connection with the Services (a “Security Audit”) to be conducted at least once every twelve (12) months (except as provided in Section 21.3 and this Section 21.4) during the Term. The vulnerability scan portion of each Security Audit shall be conducted by an internationally recognized third party engaged in the business of performing such vulnerability scans which shall be at the expense of Advanta, which expense shall be reimbursed by the Supplier if the Audit reveals a material security risk. The remainder of each Security Audit shall be conducted jointly by the Parties and shall include a comprehensive review of vulnerabilities of Supplier’s systems. At least thirty (30) days prior to each Security Audit, the Parties shall meet and consult reasonably and in good faith in an effort to agree on the minimum tests to be conducted in the Security Audit. Supplier shall provide the results of each of its Security Audits to Advanta within fifteen (15) Business Days after completion of the Security Audit. In the event that a Security Audit reveals any material security exposures, Supplier shall take such actions as are reasonably necessary to correct such exposures, to Advanta’s reasonable satisfaction, as promptly as is commercially reasonable, and Advanta may audit to determine whether the corrective action has been implemented and is effective.
Security Reviews. Customer (or its designated representatives) may, on an annual basis or more frequently as reasonably requested by Customer or otherwise required by an Agency Partner, conduct an audit to verify that Supplier is operating in accordance with Security Best Practices. The audit may include a review of all aspects of Supplier’s performance including, without limitation: (i) systems, software development practices and procedures; (ii) network, operating system, database and application configuration controls; (iii) general controls and security practices and procedures; (iv) disaster recovery and back-up procedures; (v) change and problem management processes and procedures; and (vi) network and system vulnerability and risk analysis. Supplier shall, and shall cause its Personnel to, cooperate with Customer in conducting any such audit, and shall allow Customer reasonable access to all pertinent records, documentation, computer systems, data, personnel and processing areas as Customer reasonably requests to complete the audit. Supplier shall provide satisfactory assurances that it has corrected any deviations from Security Best Practices that are identified in any security audit as soon as practicable, but in no event more than five (5) days after receiving notice from Customer outlining any deviations. Each Party shall bear its own costs in connection with such an audit. Nothing herein shall be interpreted to limit in any way the rights of Agency Partners or the Comptroller General of the United States to conduct any audit. Customer shall not be responsible for any Supplier fees, costs, or expenses incurred in connection with such Federal security reviews.
