Risk Management Except as required by applicable law or regulation, (i) implement or adopt any material change in its interest rate and other risk management policies, procedures or practices; (ii) fail to follow its existing policies or practices with respect to managing its exposure to interest rate and other risk; or (iii) fail to use commercially reasonable means to avoid any material increase in its aggregate exposure to interest rate risk.
Patch Management All workstations, laptops and other systems that process and/or 20 store PHI COUNTY discloses to CONTRACTOR or CONTRACTOR creates, receives, maintains, or 21 transmits on behalf of COUNTY must have critical security patches applied, with system reboot if 22 necessary. There must be a documented patch management process which determines installation 23 timeframe based on risk assessment and vendor recommendations. At a maximum, all applicable 24 patches must be installed within thirty (30) calendar or business days of vendor release. Applications 25 and systems that cannot be patched due to operational reasons must have compensatory controls 26 implemented to minimize risk, where possible.
Procurement Planning Prior to the issuance of any invitations to bid for contracts, the proposed procurement plan for the Project shall be furnished to the Association for its review and approval, in accordance with the provisions of paragraph 1 of Appendix 1 to the Guidelines. Procurement of all goods and works shall be undertaken in accordance with such procurement plan as shall have been approved by the Association, and with the provisions of said paragraph 1.