Third Party Risk Management. 8.1.1. Novartis expects Suppliers with whom work to respect the laws and adopt the ethical business principles set out in the Novartis Third Party Code. The Novartis Third-Party Code and other codes, policies, and guidelines ("Novartis Third Party Standards") related to suppliers are available on the website: xxxxx://xxx.xxxxxxxx.xxx/supplier-portal
Third Party Risk Management. Supplier shall maintain an appropriate risk management and mitigation program for its critical suppliers. Supplier will share relevant risk metrics with Buyer. In selected cases, upon request by Buyer, Supplier will provide evidence to Buyer by sharing (anonymized) risk assessments and audit reports.
Third Party Risk Management. If the Parties have agreed certain remediation actions identified as part of Deloitte’s third party risk management process, these are set out in Schedule 6. The Supplier has agreed to complete these remediation actions within an agreed timeframe notified by Deloitte set out in Schedule 6 and, as required, to co-operate with Deloitte regarding such completion. The Parties agree that this clause is a condition of this Agreement.
Third Party Risk Management. Novartis expects the supplier to adhere to ethical business practices and to observe the Novartis Third Party Code and any other applicable Novartis codes, policies and guidelines. By providing goods/services/deliverables pursuant to this Purchase Order, the supplier hereby agrees that it will: comply with the Third Party Code (and any published updates) which can be viewed and downloaded from xxxxx://xxx.xxxxxxxx.xxx/esg/reporting/codes-policies-and- guidelines (the supplier may request a copy free of charge from Novartis); provide information/documentation on reasonable request to Novartis, its affiliated companies and respective representatives to allow Novartis to verify compliance with the Third Party Code in the form requested; use best endeavours to rectify identified non-compliances with the Third Party Code (where capable of remedy) and report remediation progress to Novartis, its affiliated companies and respective representatives on request; ensure supplier’s affiliated companies and/or subcontractors/agents directly engaged in providing goods/services/deliverables in pursuance of this Purchase Order are also required to comply with all the above requirements; and where required by Novartis, fully co-operate (at supplier’s own expense) with Novartis and Novartis affiliated companies and respective representatives in completing and returning, as reasonably instructed, any questionnaire relating to compliance topics including, without limitation, anti-bribery compliance, that supplier has received as part of Novartis Third Party Risk Management processes at any time and any updates of same (“Questionnaire for Third Parties”). The supplier warrants and represents that the information provided in any Questionnaire for Third Parties (whether provided before or after the date of this Purchase Order, including updates to the same) is accurate and complete (and such information shall be treated as being part of the agreement between Novartis and the supplier pursuant to this Purchase Order). For the avoidance of doubt, this subparagraph applies to the supplier only, and not to any subcontractor engaged by the supplier in accordance with the terms of this Purchase Order (including in accordance with the provisions of the Third Party Code). Seven business days after the receipt of a written request from Novartis, the supplier will allow Novartis associates (or any third party auditor nominated by Novartis) adequate access to supplier’s premises ...
Third Party Risk Management. (1) Within ninety (90) days of the date of this Agreement, the Board shall adopt and the Bank, subject to Board review and ongoing monitoring, shall implement and thereafter adhere to a revised third party risk management program that is consistent with OCC Bulletin 2013-29, Third-Party Relationships: Risk Management Guidance (October 30, 2013) and any subsequent OCC guidance, that includes at a minimum:
Third Party Risk Management. (1) Within sixty (60) days of the date of this Agreement, the Board shall adopt and Bank management shall implement and thereafter adhere to a written program to effectively assess and manage the risks posed by third-party fintech relationships (“Third-Party Risk Management Program”). Refer to OCC Bulletin 2013-29, “Third-Party Relationships” and OCC Bulletin 2020-10, “Third-Party Relationships: Frequently Asked Questions to Supplement OCC Bulletin 2013-29”; Refer to OCC Bulletin 2021-40, “Third-Party Relationships: Conducting Due Diligence on Financial Technology Companies: A Guide for Community Banks”.
Third Party Risk Management. Novartis has put in place a Third Party risk management framework which is aimed at promoting the societal and environmental values of the United Nations Global Compact with specific third parties that Novartis deals with (the “Third Party Code”). In connection with the above, Licensor shall:
Third Party Risk Management. (1) Within ninety (90) days from the date of this Agreement, the Board shall submit to the Assistant Deputy Comptroller for review and prior written determination of no supervisory objection a revised third party management program that meets the standards outlined in Appendix B of 12 C.F.R. 30, the “Information Security,” “Management,” and “Outsourcing Technology Services” booklets of the Federal Financial Institutions Examinations Council’s IT Examination Handbooks, and OCC Bulletin 2013-29, Third-Party Relationships: Risk Management Guidance. The Bank’s program shall, at a minimum, include:
Third Party Risk Management. Supplier will cooperate in good faith to complete any due diligence as required by applicable Laws according to Digibank’s third party risk management framework. Such due diligence may include but is not limited to providing financial information and completing information security and compliance assessments, which may be in the form of online questionnaires and/or on-site assessments. If the results of such due diligence do not comply with applicable Laws, then the Parties shall negotiate in good faith any new requirements and amendments to this Agreement, its exhibits, schedules, appendices, annexes and addenda or an individual service agreement in order for the Parties to comply with applicable Laws.
Third Party Risk Management. 19.1 Supplier acknowledges that Credit Suisse is a highly regulated financial institution and requires robust due diligence reviews of Suppliers. Supplier, therefore, will cooperate in good faith to promptly complete any due diligence requirements according to Credit Suisse’ third party risk management framework. Such due diligence may include, but is not limited to, providing financial information and completing information security and compliance assessments, which may be in the form of online questionnaires and/or on-site assessments. If the results of such due diligence do not meet Credit Suisse’s standards, then Credit Suisse shall be entitled either (i) to request to negotiate in good faith any new requirements and amendments to the Agreement in order for the Parties to comply with Credit Suisse’s standards and requirements or (ii) to terminate the Agreement with immediate effect.
