Security risk. If a party becomes aware of or suspects a security risk, it needs to take the steps specified in this clause. If either party becomes aware or suspects that:
(a) there is a material vulnerability in the Services;
(b) any unauthorised person has obtained access to the technology systems or any Confidential Information of the other party or the Purchasing Agency Data;
(c) any person has used any Confidential Information or Purchasing Agency Data for purposes not authorised or permitted by the Subscription Agreement; or
(d) any other unauthorised access or other incident (including compromise or unauthorised exfiltration of Purchasing Agency Data) has occurred that threatens the security or integrity of the Services or any Confidential Information or Purchasing Agency Data, the following steps shall be taken, as applicable:
(e) it will notify the other party as soon as possible;
(f) where the incident concerns unauthorised access, promptly take such steps as are reasonably available to it to identify the person or persons who have gained access and, in your case, provide the Purchasing Agency with such information to assist with investigation of the incident as the Purchasing Agency reasonably requests; and
(g) take all reasonable steps to stop such unauthorised access or incident and prevent its reoccurrence.
Security risk. The Data Processor must take the measures necessary to identify, evaluate and limit any reasonably foreseeable internal and external risks to the availability, confidentiality or integrity of all personal data covered by the Data Processing Agreement. The Data Processor must take appropriate technical steps to limit the risk of any unauthorised access. The Data Processor must evaluate and improve the effectiveness of these precautions when necessary. The Data Processor must document identified risks, as well as when a risk is reduced to an acceptable level. The above obligation involves the Data Processor carrying out a risk evaluation followed by measures to counter identified risks. This could include any relevant measures from the following list: Pseudonymisation and encryption of personal data Capability to ensure continued confidentiality, integrity, availability and resilience of processing systems and services Capability to correctly re-establish availability of and access to personal data in the case of a physical or technical incident A procedure for regular trial, assessment and evaluation of the effectiveness of the technical and organisational measures for ensuring security of processing. The Data Processor must have formal procedures for handling security incidents. The Data Processor must be able to document which employees are authorised to access personal data processed under the Data Processing Agreement. When it is no longer necessary to save input data materials, the Data Processor must delete or destroy the input data materials. The method for this must follow best practice. Output data may only be used by persons who are engaged in purposes for which the personal data is being processed, as well as for auditing, technical maintenance, operational monitoring and corrective measures etc.
Security risk. 11.1 The Client accepts that security systems, including but not limited to smoke, heat and intruder detectors installed to/at their premises:
(a) are for monitoring and detection purposes and should not be seen as a life saving device; and
(b) do not guarantee the Worksite will be free from malicious damage or losses caused by attack, break and/or enter.
11.2 It shall be the Client’s responsibility:
(a) to ensure the security system equipment is tested and maintained to full operational condition; and
(b) for all phone calls emanating from the security system panel; and
(c) to ensure all electronically protected areas are free from obstacles which may impair the operation of the system.
Security risk. If a party becomes aware of or suspects a security risk, it needs to take the steps specified in this clause. If either party becomes aware or suspects that:
(a) there is a material vulnerability in the Enterprise Software or Associated Services;
(b) any unauthorised person has obtained access to the technology systems or any Confidential Information of the other party or the Purchasing Agency Data;
(c) it (the first party) is responsible for a Privacy Breach involving Personal Information of the other party’s staff, customers, clients or users that the other party has provided to the first party or that the first party has otherwise obtained through provision or receipt of the Enterprise Software or Associated Services;
(d) any person has used any Confidential Information or Purchasing Agency Data for purposes not authorised or permitted by the Subscription Agreement; or
(e) any other unauthorised access or other incident (including compromise or unauthorised exfiltration of Purchasing Agency Data) has occurred that threatens the security or integrity of the Enterprise Software or Associated Services or any Confidential Information or Purchasing Agency Data, the following steps shall be taken, as applicable:
(f) it will notify the other party as soon as possible and cooperate with the other party as reasonably required;
(g) where the incident concerns unauthorised access, promptly take such steps as are reasonably available to it to identify the person or persons who have gained access and, in your case, provide the Purchasing Agency with such information to assist with investigation of the incident as the Purchasing Agency reasonably requests; and
(h) take all reasonable steps to stop such unauthorised access or incident and prevent its reoccurrence.
Security risk. The Data Processor must take the measures necessary to identify, evaluate and limit any reasonably foreseeable internal and external risks to the availability, confidentiality or integrity of all personal data covered by the Data Processing Agreement. The Data Processor must take appropriate technical steps to limit the risk of any unauthorised access. The Data Processor must evaluate and improve the effectiveness of these precautions when necessary. The Data Processor must document identified risks, as well as when a risk is reduced to an acceptable level. The above obligation involves the Data Processor carrying out a risk evaluation followed by measures to counter identified risks. This could include any relevant measures from the following list: Pseudonymisation and encryption of personal data Capability to ensure continued confidentiality, integrity, availability and resilience of processing systems and services Capability to correctly re-establish availability of and access to personal data in the case of a physical or technical incident A procedure for regular trial, assessment and evaluation of the effectiveness of the technical and organisational measures for ensuring security of processing. The Data Processor must have formal procedures for handling security incidents. Authorisations must state to which extent users may request, input or delete personal data. Only authorised persons may access personal data processed under the Data Processing Agreement. The Data Processor must be able to document which employees are authorised to access personal data processed under the Data Processing Agreement. Authorised persons must carry picture ID when processing data on-site at the Data Controller’s premises. Only persons engaged in purposes for which the personal data is being processed may be authorised. Individual users must not be authorised for uses they do not require. Authorisation may also be given to persons who require access to personal data for auditing, operational or systems tasks. Each authorised user is provided with a personal user ID and a personal password, which must be used every time the user accesses the data processing. Passwords must be changed every 6 months. Passwords must be sufficiently long and complex. Generally, 2-factor authentication must be used to access systems with sensitive personal data by internet or unsecured network. The authentication method can be, for example, Nem-id, SMS token, RFID or similar. The Data Proces...
Security risk. 3.3.1. The Data Processor must take the measures necessary to identify, evaluate and limit any reasonably foreseeable internal and external risks to the availability, confidentiality or integrity of all personal data covered by the Data Processing Agreement.
3.3.2. The Data Processor must take appropriate technical steps to limit the risk of any unauthorised access. The Data Processor must evaluate and improve the effectiveness of these precautions when necessary.
3.3.3. The Data Processor must document identified risks, as well as when a risk is reduced to an acceptable level. The above obligation involves the Data Processor carrying out a risk evaluation followed by measures to counter identified risks. This could include any relevant measures from the following list:
a. Pseudonymisation and encryption of personal data
b. Capability to ensure continued confidentiality, integrity, availability and resilience of processing systems and services
c. Capability to correctly re-establish availability of and access to personal data in the case of a physical or technical incident
d. A procedure for regular trial, assessment and evaluation of the effectiveness of the technical and organisational measures for ensuring security of processing.
3.3.4. The Data Processor must have formal procedures for handling security incidents.
Security risk. (a) The Exhibitor uses the Venue, the Site, the Stand and the premises and its facilities at its own risk.
(b) All products, goods and other property are brought on to the Venue are at the Exhibitor’s sole risk and the Exhibitor is solely responsible for insuring such property against all risks and any claims, loss, damage and injury that may be suffered whether arising from or in any way related to any cause whatsoever including theft, fire, weather conditions, national emergency, dispute, strike, explosion, negligence or accident.
(c) CIAWA takes no responsibility for lost, damaged or stolen items.
Security risk. It is not possible for RBC to eliminate all security risks. You are responsible for keeping your RBC Account password safe, and you may be responsible for all the transactions under your RBC Account, whether you authorised them or not. Transactions in Digital Assets may be irreversible, and losses due to fraudulent or unauthorised transactions may not be recoverable.
Security risk. Dealing in a security by sale or purchase in the same session requires a detailed study of the movement of their trading prices during a specific period that allows studying the levels of their trading prices and learning of the price extent of their movement during the trading session, in addition to the importance of gaining knowledge of their maximum and minimum trading prices during the period of the study. The trading of the investor in a security by the intra day trading system without a technical study of its trading movement and determining the appropriate time for purchase or sale during the session, taking into consideration the limited number of trading hours and the necessity of making the investment decision quickly in addition to the lack of knowledge of the Client to the above, may lead to maximizing its losses, let alone the other risks entailing from substantial events that could be declared by the Company during the trading session with which the investor is assumed to react or by which its decision may be influenced. This requires the investor to be fully aware of the trading markets, their strategies, their investment methods and their correlated risks.
Security risk. Any student identified as a security risk or having a history of problems with other computer systems may be denied access.
