System Vulnerability and Security Assessments Sample Clauses

System Vulnerability and Security Assessments. The Commonwealth reserves the right to conduct external non-invasive vulnerability and security assessments of the software and infrastructure used to provide services prior to implementation and periodically thereafter. Upon completion of these assessments, the Commonwealth will communicate any findings to the vendor for action. Any cost relating to the alleviation of the findings will be the responsibility of the vendor. Mitigations will be subject to re- evaluation after completion. In cases where direct mitigation cannot be achieved, the vendor shall communicate this and work closely with the Commonwealth to identify acceptable compensating controls that will reduce risk to an acceptable and agreed upon level. An accredited third party source may be selected by the vendor to address findings, provided they will acknowledge all cost and provide valid documentation of mitigation strategies in an agreed upon timeframe.
AutoNDA by SimpleDocs
System Vulnerability and Security Assessments. The Commonwealth reserves the right to conduct, in collaboration with the vendor, non-invasive vulnerability and security assessments of the software and infrastructure used to provide services prior to implementation and periodically thereafter. Upon completion of these assessments, the Commonwealth will communicate any findings to the vendor for action. Any cost relating to the alleviation of the findings will be the responsibility of the vendor. Mitigations will be subject to re-evaluation after completion. In cases where direct mitigation cannot be achieved, the vendor shall communicate this and work closely with the Commonwealth to identify acceptable compensating controls that will reduce risk to an acceptable and agreed upon level. An accredited third party source may DocuSign Envelope ID: EFF9FDB8-6B01-4D41-8B0D-67E05D712EF5 be selected by the vendor to address findings, provided they will acknowledge all cost and provide valid documentation of mitigation strategies in an agreed upon timeframe.

Related to System Vulnerability and Security Assessments

  • Security Assessments Upon advance written notice by the JBE, Contractor agrees that the JBE shall have reasonable access to Contractor’s operational documentation, records, logs, and databases that relate to data security and the Contractor’s Information Security Program. Upon the JBE’s request, Contractor shall, at its expense, perform, or cause to have performed an assessment of Contractor’s compliance with its privacy and data security obligations. Contractor shall provide to the JBE the results, including any findings and recommendations made by Contractor’s assessors, of such assessment, and, at its expense, take any corrective actions.

  • Security Assessment If Accenture reasonably determines, or in good faith believes, that Supplier’s security practices or procedures do not meet Supplier’s obligations under the Agreement, then Accenture will notify Supplier of the deficiencies. Supplier will without unreasonable delay: (i) correct such deficiencies at its own expense; (ii) permit Accenture, or its duly authorized representatives, to assess Supplier’s security-related activities that are relevant to the Agreement; and (iii) timely complete a security questionnaire from Accenture on a periodic basis upon Accenture’s request. Security issues identified by Accenture will be assigned risk ratings and an agreed-to timeframe to remediate. Supplier will remediate all the security issues identified within the agreed to timeframes. Upon Supplier’s failure to remediate any high or medium rated security issues within the stated timeframes, Accenture may terminate the Agreement in accordance with Section 8 above.

  • Geological and Archeological Specimens If, during the execution of the Work, the Contractor, any Subcontractor, or any servant, employee, or agent of either should uncover any valuable material or materials, such as, but not limited to, treasure trove, geological specimens, archival material, archeological specimens, or ore, the Contractor acknowledges that title to the foregoing is vested in the Owner. The Contractor shall notify the Owner upon the discovery of any of the foregoing, shall take reasonable steps to safeguard it, and seek further instruction from the Design Professional. Any additional cost incurred by the Contractor shall be addressed under the provision for changed conditions. The Contractor agrees that the Geological and Water Resources Division and the Historic Preservation Division of the Georgia Department of Natural Resources may inspect the Work at reasonable times.

  • Infrastructure Vulnerability Scanning Supplier will scan its internal environments (e.g., servers, network devices, etc.) related to Deliverables monthly and external environments related to Deliverables weekly. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days.

  • SAFEGUARDING CHILDREN AND VULNERABLE ADULTS 8.1 The Service Provider will have ultimate responsibility for the management and control of any Regulated Activity provided under this agreement and for the purposes of the Safeguarding Vulnerable Groups Xxx 0000.

  • Geological and archaeological finds It is expressly agreed that mining, geological or archaeological rights do not form part of this Agreement with the Contractor for the Works, and the Contractor hereby acknowledges that it shall not have any mining rights or interest in the underlying minerals, fossils, antiquities, structures or other remnants or things either of particular geological or archaeological interest and that such rights, interest and property on or under the Site shall vest in and belong to the Authority or the concerned Government Instrumentality. The Contractor shall take all reasonable precautions to prevent its workmen or any other person from removing or damaging such interest or property and shall inform the Authority forthwith of the discovery thereof and comply with such instructions as the concerned Government Instrumentality may reasonably give for the removal of such property. For the avoidance of doubt, it is agreed that any reasonable expenses incurred by the Contractor hereunder shall be reimbursed by the Authority. It is also agreed that the Authority shall procure that the instructions hereunder are issued by the concerned Government Instrumentality within a reasonable period.

  • Searchability Offering searchability capabilities on the Directory Services is optional but if offered by the Registry Operator it shall comply with the specification described in this section.

  • Risk Assessments a. Risk Assessment - Transfer Agent shall, at least annually, perform risk assessments that are designed to identify material threats (both internal and external) against Fund Data, the likelihood of those threats occurring and the impact of those threats upon the Transfer Agent organization to evaluate and analyze the appropriate level of information security safeguards (“Risk Assessments”).

  • Diagnostic Assessment 6.3.1 Boards shall provide a list of pre-approved assessment tools consistent with their Board improvement plan for student achievement and which is compliant with Ministry of Education PPM (PPM 155: Diagnostic Assessment in Support of Student Learning, date of issue January 7, 2013).

  • Management of Special and Technical Environment Each certificated support person demonstrates an acceptable level of performance in managing and organizing the special materials, equipment and environment essential to the specialized programs.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!