Service and Systems Integrity and Availability Control Sample Clauses

Service and Systems Integrity and Availability Control a. Cellulant will 1) perform security and privacy risk assessments at least annually; 2) perform penetration testing and assess vulnerabilities, including automated system and application security scanning and manual ethical hacking, before production release and annually thereafter, 3) enlist a qualified independent third-party to perform penetration testing at least annually, 4) perform automated management and routine verification of compliance with security configuration requirements for each component of the Contracted Services, and 5) remediate identified vulnerabilities or noncompliance with its security configuration requirements based on associated risk, exploitability, and impact. Cellulant will take reasonable steps to avoid disruption of Contracted Services when performing its tests, assessments, scans, and execution of remediation activities. Upon Customer’s request, Cellulant will provide Customer with a written summary of Cellulant’s then-most recent penetration testing activities, which report must at a minimum include the name of the offerings covered by the testing, the number of systems or applications in-scope for the testing, the dates of the testing, the methodology used in the testing, and a high-level summary of findings.
Sample 1
AutoNDA by SimpleDocs
Service and Systems Integrity and Availability Control a. Supplier will 1) perform security and privacy risk assessments at least annually; 2) perform penetration testing and assess vulnerabilities, including automated system and application security scanning and manual ethical hacking, before production release and annually thereafter, 3) enlist a qualified independent third-party to perform penetration testing at least annually, 4) perform automated management and routine verification of compliance with security configuration requirements for each component of the Contracted Services, and 5) remediate identified vulnerabilities or noncompliance with its security configuration requirements based on associated risk, exploitability, and impact. Supplier will take reasonable steps to avoid disruption of Contracted Services when performing its tests, assessments, scans, and execution of remediation activities. Upon Cellulant’s request, Supplier will provide Cellulant with a written summary of Supplier’s then-most recent penetration testing activities, which report must at a minimum include the name of the offerings covered by the testing, the number of systems or applications in-scope for the testing, the dates of the testing, the methodology used in the testing, and a high-level summary of findings.
Sample 1

Related to Service and Systems Integrity and Availability Control

  • Infrastructure Vulnerability Scanning Supplier will scan its internal environments (e.g., servers, network devices, etc.) related to Deliverables monthly and external environments related to Deliverables weekly. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days.

  • Availability Control Personal Data will be protected against accidental or unauthorized destruction or loss. Measures: • SAP employs regular backup processes to provide restoration of business-critical systems as and when necessary. • SAP uses uninterrupted power supplies (for example: UPS, batteries, generators, etc.) to protect power availability to the Data Centers. • SAP has defined business contingency plans for business-critical processes and may offer disaster recovery strategies for business critical Services as further set out in the Documentation or incorporated into the Order Form for the relevant Cloud Service. • Emergency processes and systems are regularly tested.

  • Availability of Verizon Telecommunications Services 3.1 Verizon will provide a Verizon Telecommunications Service to PCS for resale pursuant to this Attachment where and to the same extent, but only where and to the same extent, that such Verizon Telecommunications Service is provided to Verizon’s Customers.

  • Quality control system (i) The Contractor shall establish a quality control mechanism to ensure compliance with the provisions of this Agreement (the “Quality Assurance Plan” or “QAP”).

  • Management and Control Systems Grantee will:

  • DNS name server availability Refers to the ability of a public-­‐DNS registered “IP address” of a particular name server listed as authoritative for a domain name, to answer DNS queries from an Internet user. All the public DNS-­‐registered “IP address” of all name servers of the domain name being monitored shall be tested individually. If 51% or more of the DNS testing probes get undefined/unanswered results from “DNS tests” to a name server “IP address” during a given time, the name server “IP address” will be considered unavailable.

  • Therapist Availability Therapist’s office is equipped with a confidential voice mail system that allows Patient to leave a message at any time. Therapist will make every effort to return calls within 24 hours (or by the next business day), but cannot guarantee the calls will be returned immediately. Therapist is unable to provide 24-hour crisis service. In the event that Patient is feeling unsafe or requires immediate medical or psychiatric assistance, he/she should call 911, or go to the nearest emergency room.

  • Electronic and Information Resources Accessibility and Security Standards a. Applicability: The following Electronic and Information Resources (“EIR”) requirements apply to the Contract because the Grantee performs services that include EIR that the System Agency's employees are required or permitted to access or members of the public are required or permitted to access. This Section does not apply to incidental uses of EIR in the performance of the Agreement, unless the Parties agree that the EIR will become property of the State of Texas or will be used by HHSC’s clients or recipients after completion of the Agreement. Nothing in this section is intended to prescribe the use of particular designs or technologies or to prevent the use of alternative technologies, provided they result in substantially equivalent or greater access to and use of a Product.

  • Outpatient emergency and urgicenter services within the service area The emergency room copay applies to all outpatient emergency visits that do not result in hospital admission within twenty-four (24) hours. The urgicenter copay is the same as the primary care clinic office visit copay.

  • Interconnection Facilities Engineering Procurement and Construction Interconnection Facilities, Network Upgrades, and Distribution Upgrades shall be studied, designed, and constructed pursuant to Good Utility Practice. Such studies, design and construction shall be based on the assumed accuracy and completeness of all technical information received by the Participating TO and the CAISO from the Interconnection Customer associated with interconnecting the Large Generating Facility.

Time is Money Join Law Insider Premium to draft better contracts faster.