Vulnerability Assessment. Consultant shall ensure all cloud applications are securely coded, vetted and scanned. Consultant shall: (i) conduct a third-party independent vulnerability assessment annually or sooner if due to compliance regulations or other requirements, or upon a major change to the solution; (ii) provide vulnerability assessment results to Board on an annual basis during the period the Consultant is subject to the terms of this Addendum; (iii) identify and validate vulnerabilities required for remediation; and iv) ensure patching is up to date.
Vulnerability Assessment. The supplier must use commercial products or freeware (e.g., Nessus) for vulnerability assessment and/or penetration testing of the segment(s) on which servers hosting Symantec information are logically located. The supplier must specify the name and version of the network-based vulnerability assessment tool(s) used. The supplier must conduct vulnerability assessment and/or penetration testing at least twice a year. The supplier must submit the vulnerability assessment and/or penetration testing report(s) to Symantec’s Information Security upon request. The supplier must agree to Symantec-conducted vulnerability assessment scans of the portion of its extranet to be used to service Symantec.
Vulnerability Assessment. The final phase (the “Vulnerability Assessment”) evaluates the most exposed assets and considers their sensitivity to SLR impacts to assess the overall vulnerability. Specific assets were then identified based on their intersection with inundation and shore recession layers and the basis for the highest vulnerability assets were described. This analysis points to assets or parts of assets that should be prioritized for management and adaptation actions, and which may need engineering analysis and future design work/retrofits to maintain access and operation.
Vulnerability Assessment. Based on the potential current and future climate change impacts to sustainable forest management, a workshop will be held with the Woodlands Staff facilitating discussions to identify where the NFMC forest management system is vulnerable to climate change (adaptation is needed), and where opportunities for positive impacts could occur (enhanced by adaptation). Each impact will be ranked based on the potential effect (exposure and sensitivity) on the system and whether the system is resilient17 and has the adaptive capacity18 to cope with the impact. Uncertainties19 and knowledge gaps are considered vulnerabilities. The vulnerability rankings will be subjective and based on the information and knowledge available (including engagement feedback) to the Woodlands Staff at that time. Once the climate change impacts have been ranked based on vulnerability, the Woodlands Staff will narrow down which impacts are most vulnerable and require adaptations. The vulnerability assessment allows the Woodlands Staff to focus on impacts where they can influence the most change.
Vulnerability Assessment. DOL will agree to implement automated vulnerability scanning tools that cover its systems and will set policies for prompt remediation.
Vulnerability Assessment. SailPoint shall conduct risk assessments, vulnerability scans and audits (including third-party penetration testing of a representative instance of the SaaS Service twice annually). Identified product solution issues shall be scored using the Common Vulnerability Scoring System (CVSS) risk- scoring methodology based on risk impact level and the likelihood and potential consequences of an issue occurring. Vulnerabilities are remediated on the basis of assessed risk. Upon the written request of Customer, SailPoint shall provide information about the identified vulnerabilities in the SaaS Service or Required Software, as applicable to such Customer, and the measures taken to remediate or address any such vulnerabilities.
Vulnerability Assessment. IDVerifact shall regularly conduct risk assessments, vulnerability scans and audits (including third-party penetration testing of the SaaS Services twice annuallyand software upon each new version release). Identified product solution issues shall be scored using the Common Vulnerability Scoring System (CVSS) risk-scoring methodology based on risk impact level and the likelihood and potential consequences of an issue occurring. Vulnerabilities are remediated based on assessed risk. Upon request from Customer, IDVerifact shall provide information about the identified vulnerabilities and the measures taken to remediate or address any such vulnerabilities.
Vulnerability Assessment. Vendor shall conduct, at least on a annual basis and at its own expense, a vulnerability assessment of all information applications, systems, and networks associated with accessing, processing, storing, or transmitting The Hartford Data. The assessment process must include a methodology for identifying, quantifying, ranking and mitigating weaknesses in Vendor’s applications, systems, and networks. In addition, Vendor shall conduct on an annual basis a perimeter network penetration test using a third party, independent organization that specializes in providing this type of security assessment service. .
Vulnerability Assessment. Based on the previous information, the Consultant will develop an overview of the City’s vulnerability to specific hazards. Electronic maps and GIS data (provided by the Consultant) will be developed that identify local assets that are located within known hazard areas. HAZUS*, CalOES MyHazards and similar reputable resources will be used to model losses as appropriate. This vulnerability assessment will include (as the data allows):
Vulnerability Assessment. The Atlas Planning team will assist the City in the development of a Vulnerability Assessment, which includes the following components:
