Service Integrity and Availability Control Sample Clauses

Service Integrity and Availability Control. 6.1 Acoustic will: a) ensure security and privacy risk assessments of its SaaS Products are carried out at least annually; b) ensure penetration testing and vulnerability assessments, including automated system and application security scanning and manual ethical hacking, are carried out before production release and annually thereafter; c) ensure a qualified independent third-party performs penetration testing at least annually; d) ensure automated management and routine verification of underlying Components' compliance with security-configuration requirements are carried out; and e) remediate identified vulnerabilities or noncompliance with its security configuration requirements based on associated risk, exploitability, and impact. 6.2 Acoustic will take reasonable steps to avoid SaaS Product disruption when performing tests, assessments, scans, and execution of remediation activities. 6.3 Acoustic will maintain policies and procedures designed to manage risks associated with the application of changes to its SaaS Products. Prior to implementation, material changes to a SaaS Product, including its systems, networks, and underlying Components, will be documented in a registered change request that includes a description and reason for the change, implementation details and schedule, a risk statement addressing impact to the SaaS Product and its Partners, expected outcome, rollback plan, and documented approval by authorized personnel. 6.4 Acoustic will maintain an inventory of all information-technology assets used in its operation of the SaaS Product. Acoustic will continuously monitor and manage the health, including capacity, and availability of the SaaS Product and underlying Components. 6.5 Each SaaS Product will be separately assessed for business-continuity and disaster-recovery requirements pursuant to documented risk-management guidelines. Each Acoustic SaaS Product will have, to the extent warranted by such risk assessment, separately defined, documented, maintained, and annually validated business-continuity and disaster-recovery plans consistent with industry-standard practices. Recovery-point and recovery-time objectives for the SaaS Product, if provided, will be established with consideration given to the SaaS Product's architecture and intended use, and will be described in the relevant Attachment. Partner’s Content on physical media intended for off-site storage, if any, such as media containing SaaS Product backup files, will be encrypte...
Sample 1Sample 2
AutoNDA by SimpleDocs
Service Integrity and Availability Control a. The Supplier will: (1) perform security and privacy risk assessments of the Supplier Services at least annually, (2) perform security testing and vulnerability assessments of the Supplier Services before production release and at least annually thereafter, (3) enlist a qualified independent third party, the Supplier X-Force™ or, if specified in the Supplier Services Document, another qualified testing service to perform penetration testing of the Supplier Cloud Services, at least annually, (4) perform automated vulnerability scanning of underlying Components of the Supplier Services against industry security configuration best practices, (5) remediate identified vulnerabilities from security testing and scanning, based on associated risk, exploitability, and impact, and (6) take reasonable steps to avoid disruption to the Supplier Services when performing its tests, assessments, scans, and execution of remediation activities. b. The Supplier will maintain measures designed to assess, test, and apply security advisory patches to the Supplier Services and associated systems, networks, applications, and underlying Components within the scope of the Supplier Services. Upon determining that a security advisory patch is applicable and appropriate, the Supplier will implement the patch pursuant to documented severity and risk assessment guidelines, based on Common Vulnerability Scoring System ratings of patches, when available. Implementation of security advisory patches will be subject to the Supplier change management policy. c. The Supplier will maintain policies and procedures designed to manage risks associated with the application of changes to the Supplier Services. Prior to implementation, changes to the Supplier Service, including its systems, networks, and underlying Components, will be documented in a registered change request that includes a description of and reason for the change, implementation details and schedule, a risk statement addressing impact to the Supplier Service and its clients, expected outcome, rollback plan, and documented approval by authorized personnel. d. The Supplier will maintain an inventory of all information technology assets used in its operation of the Supplier Services. The Supplier will continuously monitor and manage the health, including capacity, and availability of the Supplier Services and underlying Components. e. Each Supplier Service will be separately assessed for business continuity and disaster recovery req...
Sample 1
Service Integrity and Availability Control. With respect to Pindrop-Controlled Systems, Pindrop will: (a) Perform security risk assessments at least annually; (b) Perform security testing and vulnerability assessments on a periodic basis; (c) Enlist a qualified testing service to perform penetration testing at least annually; (d) Perform automated vulnerability scanning against configuration industry standards reasonably designed to identify publicly-known security vulnerabilities in Pindrop- Controlled Systems based on Pindrop’s risk assessment: (i) at least every six months;
Sample 1
Service Integrity and Availability Control. (a) U-Visit (i) performs penetration testing and vulnerability assessments, including automated system and application security scanning and manual ethical hacking, before production release and annually thereafter, (ii) enlists a qualified independent third-party to perform penetration testing at least annually, (iii) performs automated management and routine verification of underlying componentscompliance with security configuration requirements, and (iv) remediates identified vulnerabilities or noncompliance with its security configuration requirements based on associated risk, exploitability, and impact. U-Visit will take reasonable steps to avoid Service disruption when performing its tests, assessments, scans, and execution of remediation activities. (b) U-Visit will maintain policies and procedures designed to manage risks associated with the application of changes to its Services. Prior to implementation, changes to a Service, including its systems, networks and underlying components, will be documented in a registered change request that includes a description and reason for the change, implementation details and schedule, a risk statement addressing impact to the Service and its clients, expected outcome, rollback plan, and documented approval by authorized personnel. (c) U-Visit will maintain an inventory of all information technology assets used in its operation of the Service. U-Visit will continuously monitor the health and availability of the Service and underlying components. (d) Each Service will be separately assessed for business continuity and disaster recovery requirements pursuant to documented risk management guidelines. Each U-Visit Service will have, to the extent warranted by such risk assessment, separately defined, documented, maintained and annually validated business continuity and disaster recovery plans consistent with industry standard practices. Recovery point and time objectives for the Service, if provided, will be established with consideration given to the Service’s architecture and intended use, and will be described in the relevant Agreement documents. (e) U-Visit will (i) back up systems containing Customer Personal Data daily, (ii) ensure at least one backup destination is at a remote location, separate from production systems, (iii) encrypt backup data stored on portable backup media, and (iv) validate backup process integrity by regularly performing data restoration testing. (f) U-Visit will maintain measures d...
Sample 1
Service Integrity and Availability Control 
Sample 1

Related to Service Integrity and Availability Control

  • Availability Control Personal Data will be protected against accidental or unauthorized destruction or loss.

  • DNS name server availability Refers to the ability of a public-­‐DNS registered “IP address” of a particular name server listed as authoritative for a domain name, to answer DNS queries from an Internet user. All the public DNS-­‐registered “IP address” of all name servers of the domain name being monitored shall be tested individually. If 51% or more of the DNS testing probes get undefined/unanswered results from “DNS tests” to a name server “IP address” during a given time, the name server “IP address” will be considered unavailable.

  • Service Availability You understand that Service availability is at all times conditioned upon the corresponding operation and availability of the communication systems used in communicating your instructions and requests to the Credit Union. We will not be liable or have any responsibility of any kind for any loss or damage thereby incurred by you in the event of any failure or interruption of such communication systems or services resulting from the act or omission of any third party, or from any other cause not reasonably within the control of the Credit Union.

  • EPP service availability Refers to the ability of the TLD EPP servers as a group, to respond to commands from the Registry accredited Registrars, who already have credentials to the servers. The response shall include appropriate data from the Registry System. An EPP command with “EPP command RTT” 5 times higher than the corresponding SLR will be considered as unanswered. If 51% or more of the EPP testing probes see the EPP service as unavailable during a given time, the EPP service will be considered unavailable.

  • DNS service availability Refers to the ability of the group of listed-­‐as-­‐authoritative name servers of a particular domain name (e.g., a TLD), to answer DNS queries from DNS probes. For the service to be considered available at a particular moment, at least, two of the delegated name servers registered in the DNS must have successful results from “DNS tests” to each of their public-­‐DNS registered “IP addresses” to which the name server resolves. If 51% or more of the DNS testing probes see the service as unavailable during a given time, the DNS service will be considered unavailable.

  • General Availability The commitment to availability specified in the letter of appointment shall be subject to mutually acceptable revision. Such revision will occur once per year, or, if mutually agreed between the Employer and the employee, on a more frequent basis. The Employer will issue a revised letter of appointment to reflect approved changes to employee’s general availability.

  • System Availability Although we will try to provide continuous access to the Service, we cannot and do not guarantee that the Service will be available 100% of the time and will not be liable in the event Service is unavailable. Actual service or network performance is dependent on a variety of factors outside of our control. If you notify us within twenty-four (24) hours and we confirm an outage consisting of a period of two (2) hours in any calendar month, and not due to any service, act, or omission of you, a third party, your applications, equipment or facilities, or reasons outside of our control, you shall be eligible for a service credit. A service credit shall be computed as a pro-rated charge for one day of the regular monthly fees for the Service in the next monthly statement. Intermittent service outages for periods of less than two (2) hours are not considered service outages. Outages caused by routine scheduled maintenance are also not considered an outage. You shall receive advance notice no less than forty-eight (48) hours in advance of our scheduled maintenance. Scheduled maintenance will be performed between 12:00 a.m. and 6:00 a.m. CST.

  • High Availability Registry Operator will conduct its operations using network and geographically diverse, redundant servers (including network-­‐level redundancy, end-­‐node level redundancy and the implementation of a load balancing scheme where applicable) to ensure continued operation in the case of technical failure (widespread or local), or an extraordinary occurrence or circumstance beyond the control of the Registry Operator. Registry Operator’s emergency operations department shall be available at all times to respond to extraordinary occurrences.

  • Product Availability Under no circumstances shall Company be responsible to Representative or anyone else for its failure to fill accepted orders, or for its delay in filling accepted orders, when such failure or delay is due to strike, accident, labor trouble, acts of nature, freight embargo, war, civil disturbance, vendor problems or any cause beyond Company's reasonable control.

  • Availability of Verizon Telecommunications Services 3.1 Verizon will provide a Verizon Telecommunications Service to Z-Tel for resale pursuant to this Attachment where and to the same extent, but only where and to the same extent, that such Verizon Telecommunications Service is provided to Verizon’s Customers. 3.2 Except as otherwise required by Applicable Law, subject to Section 3.1, Verizon shall have the right to add, modify, grandfather, discontinue or withdraw, Verizon Telecommunications Services at any time, without the consent of Z-Tel. 3.3 To the extent required by Applicable Law, the Verizon Telecommunications Services to be provided to Z-Tel for resale pursuant to this Attachment will include a Verizon Telecommunications Service customer-specific contract service arrangement (“CSA”) (such as a customer specific pricing arrangement or individual case based pricing arrangement) that Verizon is providing to a Verizon Customer at the time the CSA is requested by Z-Tel.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!