The Compliance Review Program and Process Sample Clauses

The Compliance Review Program and Process. Similar to the certification process, the compliance review program entails a rigorous process intended to ensure that EIEPs who receive electronic information from SSA are in full compliance with the Agency’s security requirements and standards. As a practice, SSA attempts to conduct compliance reviews following a two to five year periodic review schedule. However, as circumstances warrant, a review may take place at any time. Three prominent examples that would trigger an ad hoc review are: • a significant change in the outside EIEP’s computing platform • a violation of any of SSA’s systems security requirements • an unauthorized disclosure of SSA information by the EIEP The following is a high-level flow chart of the OIS Compliance Review Process: ⮉ Make risked-based selection of target Monitor findings Finalize review documentation Conduct compliance review Set review date Gather background information Determine method of review SSA may conduct onsite compliance reviews and include both the EIEP’s main facility and a field office. SSA may, also at its discretion, request that the EIEP participate in an onsite compliance review of their security infrastructure to confirm the implementation of SSA’s security requirements. The onsite review may address any or all of SSA’s security requirements and include, where appropriate: • a demonstration of the EIEP’s implementation of each requirement • random sampling of audit records and transactions submitted to SSA • a walkthrough of the EIEP’s data center to observe and document physical security safeguards • a demonstration of the EIEP’s implementation of online exchange of data with SSA • discussions with managers/supervisors • examination of management control procedures and reports (e.g. anomaly detection reports, etc.) • demonstration of technical tools pertaining to user access control and, if appropriate, browsing prevention: o If the design uses a permission module or similar design, or is transaction driven, the EIEP will demonstrate how the system triggers requests for information from SSA. o If the design uses a permission module, the EIEP will demonstrate the process used to request SSA-provided information and prevent the EIEP’s system from processing SSNs not present in the EIEP’s system. We can accomplish this by attempting to obtain information from SSA using at least one, randomly created, fictitious number not known to the EIEP’s system. SSA may, at its discretion, perform an onsite or remot...
Sample 1Sample 2Sample 3See All (6)
AutoNDA by SimpleDocs
The Compliance Review Program and Process 
Sample 1Sample 2Sample 3See All (7)

Related to The Compliance Review Program and Process

  • Compliance Review During the Term, Developer agrees to permit the GLO, HUD, and/or a designated representative of the GLO or HUD to access the Property for the purpose of performing Compliance-Monitoring Procedures. In accordance with GLO Compliance-Monitoring Procedures, the GLO or HUD will periodically monitor and audit Developer’s compliance with the requirements of this Agreement, the CDBG-DR Regulations, the CDBG Multifamily Rental Housing Guidelines, and any and all other Governmental Requirements during the Term. In conducting any compliance reviews, the GLO or HUD will rely primarily on information obtained from Developer’s records and reports, on-site monitoring, and audit reports. The GLO or HUD may also consider other relevant information gained from other sources, including litigation and citizen complaints. Attachment G GLO Contract No. 20-063-012-B933 5.04 HAZARDOUS MATERIALS: INDEMNIFICATION

  • Program Compliance The School Board shall be responsible for monitoring the program to provide technical assistance and to ensure program compliance.

  • Project Review A. Programmatic Allowances

  • Ongoing Review and Revisions As set forth in Section 35.7, the Parties have agreed to the coordination and exchange of data and information under this Agreement to enhance system reliability and efficient market operations as systems exist and are contemplated as of the Effective Date. The Parties expect that these systems and the technology applicable to these systems and to the collection and exchange of data will change from time to time throughout the term of this Agreement. The Parties agree that the objectives of this Agreement can be fulfilled efficiently and economically only if the Parties, from time to time, review and, as appropriate, revise the requirements stated herein in response to such changes, including deleting, adding, or revising requirements and protocols. Each Party will negotiate in good faith in response to such revisions the other Party may propose from time to time. Nothing in this Agreement, however, shall require any Party to reach agreement with respect to any such changes, or to purchase, install, or otherwise implement new equipment, software, or devices, or functions, except as required to perform this Agreement.

  • Performance Reviews The Employee will be provided with a written performance appraisal at least once per year and said appraisal will be reviewed at which time all aspects of the assessment can be fully discussed.

  • AUDIT REVIEW PROCEDURES A. Any dispute concerning a question of fact arising under an interim or post audit of this AGREEMENT that is not disposed of by AGREEMENT, shall be reviewed by LOCAL AGENCY’S Chief Financial Officer.

  • Performance Review Where a performance review of an employee’s performance is carried out, the employee shall be given sufficient opportunity after the interview to read and review the performance review. Provision shall be made on the performance review form for an employee to sign it. The form shall provide for the employee’s signature in two (2) places, one (1) indicating that the employee has read and accepts the performance review, and the other indicating that the employee disagrees with the performance review. The employee shall sign in only one (1) of the places provided. No employee may initiate a grievance regarding the contents of a performance review unless the signature indicates disagreement. An employee shall, upon request, receive a copy of this performance review at the time of signing. An employee’s performance review shall not be changed after an employee has signed it, without the knowledge of the employee, and any such changes shall be subject to the grievance procedure of this Agreement. The employee may respond, in writing, to the performance review. Such response will be attached to the performance review.

  • Review Protocol A narrative description of how the Claims Review was conducted and what was evaluated.

Time is Money Join Law Insider Premium to draft better contracts faster.