Contractor and Employee Security Precautions The security aspects of working at the Correctional Facility are critical. The following security precautions are part of the site conditions and are a part of this Contract. All persons coming on the site in any way connected with this Work shall be made aware of them, and it is the (General) Contractor’s responsibility to check and enforce them.
Safeguarding and Protecting Children and Vulnerable Adults The Supplier will comply with all applicable legislation and codes of practice, including, where applicable, all legislation and statutory guidance relevant to the safeguarding and protection of children and vulnerable adults and with the British Council’s Child Protection Policy, as notified to the Supplier and amended from time to time, which the Supplier acknowledges may include submitting to a check by the UK Disclosure & Barring Service (DBS) or the equivalent local service; in addition, the Supplier will ensure that, where it engages any other party to supply any of the Services under this Agreement, that that party will also comply with the same requirements as if they were a party to this Agreement.
Streamcourse Protection “Streamcourses” that are subject to provisions of this Section are shown on Sale Area Map. Unless otherwise agreed, the following measures shall be observed to protect Streamcourses:
(a) Purchaser’s Operations shall be conducted to prevent debris from entering Streamcourses, except as may be authorized under paragraph (d). In event Pur- chaser causes debris to enter Streamcourses in amounts that may adversely affect the natural flow of the stream, water quality, or fishery resource, Purchaser shall remove such debris as soon as practicable, but not to exceed 2 days, and in an agreed manner that will cause the least disturbance to Streamcourses.
(b) Culverts or bridges shall be required on Tempo- rary Roads at all points where it is necessary to cross Streamcourses. Such facilities shall be of sufficient size and design and installed in a manner to provide unob- structed flow of water and to minimize damage to Streamcourses. Trees or products shall not be otherwise hauled or yarded across Streamcourses unless fully sus- pended.
(c) Wheeled or track-laying equipment shall not be operated in Streamcourses, except at crossings desig- nated by Forest Service or as essential to construction or removal of culverts and bridges.
(d) Flow in Streamcourses may be temporarily di- verted only if such diversion is necessary for Purchaser’s planned construction and Forest Service gives written au- thorization. Such flow shall be restored to the natural course as soon as practicable and, in any event, prior to a major storm runoff period or runoff season.
Infrastructure Vulnerability Scanning Supplier will scan its internal environments (e.g., servers, network devices, etc.) related to Deliverables monthly and external environments related to Deliverables weekly. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days.
Vulnerability Management BNY Mellon will maintain a documented process to identify and remediate security vulnerabilities affecting its systems used to provide the services. BNY Mellon will classify security vulnerabilities using industry recognized standards and conduct continuous monitoring and testing of its networks, hardware and software including regular penetration testing and ethical hack assessments. BNY Mellon will remediate identified security vulnerabilities in accordance with its process.
Cybersecurity; Data Protection The Company’s information technology assets and equipment, computers, systems, networks, hardware, software, websites, applications, and databases (collectively, “IT Systems”) are adequate for, and operate and perform in all material respects as required in connection with the operation of the business of the Company as currently conducted, free and clear of all material bugs, errors, defects, Trojan horses, time bombs, malware and other corruptants. The Company has implemented and maintained commercially reasonable controls, policies, procedures, and safeguards to maintain and protect its material confidential information and the integrity, continuous operation, redundancy and security of all IT Systems and data (including all personal, personally identifiable, sensitive, confidential or regulated data (“Personal Data”)) used in connection with its business, and there have been no breaches, violations, outages or unauthorized uses of or accesses to same, except for those that have been remedied without material cost or liability or the duty to notify any other person, nor any incidents under internal review or investigations relating to the same. The Company is presently in material compliance with all applicable laws or statutes and all judgments, orders, rules and regulations of any court or arbitrator or governmental or regulatory authority, internal policies and contractual obligations relating to the privacy and security of IT Systems and Personal Data and to the protection of such IT Systems and Personal Data from unauthorized use, access, misappropriation or modification, except where the failure to be in compliance would not, individually or in the aggregate, have a Material Adverse Effect.
Security Safeguards Contractor shall maintain a comprehensive security program that is reasonably designed to protect the security, privacy, confidentiality, and integrity of District Data. Contractor shall store and process District Data in accordance with industry standards and best practices, including implementing appropriate administrative, physical, and technical safeguards that are no less rigorous than those outlined in CIS Critical Security Controls (CIS Controls), as amended, to secure such data from unauthorized access, disclosure, alteration, and use. Contractor shall ensure that all such safeguards, including the manner in which District Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with all applicable federal and state data protection and privacy laws, regulations and directives, including without limitation the Act, as well as the terms and conditions of this Addendum. Without limiting the foregoing, and unless expressly agreed to the contrary in writing, Contractor warrants that all electronic District Data will be encrypted in transmission and at rest in accordance with NIST Special Publication 800-57, as amended, or such other standard as the District’s Chief Privacy Officer or designee may agree to in writing. Contractor shall also encrypt any backup, backup media, removable media, tape, or other copies. In addition, Contractor shall fully encrypt disks and storage for all laptops and mobile devices.
Environmentally Preferable Procurement Policy The Environmentally Preferable Procurement Policy, along with a brief policy description, is located on the City’s website at the following link: xxxx://xxx.xxxxxxxxx.xxx/esd/natural-energy-resources/epp.htm. Environmental procurement policies and activities related to the completion of any Work will include, whenever practicable, but are not limited to: • The use of recycled and/or recyclable products in daily operations (i.e. 30%, 50%, 100% PCW paper, chlorine process free, triclosan free hand cleaner, etc.); • The use of energy-star compliant equipment; • The use of alternative fuel and hybrid vehicles, and implementation of protocols aimed at increasing the efficiency of vehicle operation; • The implementation of internal waste reduction and reuse protocol(s); and • Water and resource conservation activities within facilities, including bans on individual serving bottled water and the use of compostable food service products.
Protection of Personal Information Party agrees to comply with all applicable state and federal statutes to assure protection and security of personal information, or of any personally identifiable information (PII), including the Security Breach Notice Act, 9 V.S.A. § 2435, the Social Security Number Protection Act, 9 V.S.A. § 2440, the Document Safe Destruction Act, 9 V.S.A. § 2445 and 45 CFR 155.260. As used here, PII shall include any information, in any medium, including electronic, which can be used to distinguish or trace an individual’s identity, such as his/her name, social security number, biometric records, etc., either alone or when combined with any other personal or identifiable information that is linked or linkable to a specific person, such as date and place or birth, mother’s maiden name, etc.
Information Technology Enterprise Architecture Requirements If this Contract involves information technology-related products or services, the Contractor agrees that all such products or services are compatible with any of the technology standards found at xxxxx://xxx.xx.xxx/iot/2394.htm that are applicable, including the assistive technology standard. The State may terminate this Contract for default if the terms of this paragraph are breached.