Vulnerability Management and Security Assessments a) A documented process and procedures exist to identify, quantify, prioritize, track, and remediate vulnerabilities.
Vulnerability Management and Security Assessments Sample Clauses
Related to Vulnerability Management and Security Assessments
Security Assessments Upon advance written notice by the JBE, Contractor agrees that the JBE shall have reasonable access to Contractor’s operational documentation, records, logs, and databases that relate to data security and the Contractor’s Information Security Program. Upon the JBE’s request, Contractor shall, at its expense, perform, or cause to have performed an assessment of Contractor’s compliance with its privacy and data security obligations. Contractor shall provide to the JBE the results, including any findings and recommendations made by Contractor’s assessors, of such assessment, and, at its expense, take any corrective actions.
Security Assessment If Accenture reasonably determines, or in good faith believes, that Supplier’s security practices or procedures do not meet Supplier’s obligations under the Agreement, then Accenture will notify Supplier of the deficiencies. Supplier will without unreasonable delay: (i) correct such deficiencies at its own expense; (ii) permit Accenture, or its duly authorized representatives, to assess Supplier’s security-related activities that are relevant to the Agreement; and (iii) timely complete a security questionnaire from Accenture on a periodic basis upon Accenture’s request. Security issues identified by Accenture will be assigned risk ratings and an agreed-to timeframe to remediate. Supplier will remediate all the security issues identified within the agreed to timeframes. Upon Supplier’s failure to remediate any high or medium rated security issues within the stated timeframes, Accenture may terminate the Agreement in accordance with Section 8 above.
Vulnerability Management BNY Mellon will maintain a documented process to identify and remediate security vulnerabilities affecting its systems used to provide the services. BNY Mellon will classify security vulnerabilities using industry recognized standards and conduct continuous monitoring and testing of its networks, hardware and software including regular penetration testing and ethical hack assessments. BNY Mellon will remediate identified security vulnerabilities in accordance with its process.
Infrastructure Vulnerability Scanning Supplier will scan its internal environments (e.g., servers, network devices, etc.) related to Deliverables monthly and external environments related to Deliverables weekly. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days.
Security Management The Contractor shall comply with the requirements of the DOD 5200.1-M and the DD Form 254. Security of the Contractor’s electronic media shall be in accordance with the above documents. Effective Program Security shall require the Contractor to address Information Security and Operations Security enabled by the Security Classification Guides. The Contractor’s facility must be able to handle and store material up to the Classification Level as referenced in Attachment J-01, DD Form 254.
MANAGEMENT OF EVALUATION OUTCOMES 12.1 The evaluation of the Employee’s performance will form the basis for rewarding outstanding performance or correcting unacceptable performance.
Procurement and Property Management Standards The parties to this Agreement shall adhere to the procurement and property management standards established in 2 CFR 200, Uniform Administrative Requirements, Cost Principles, and Audit Requirements for Federal Awards, and to the Texas Uniform Grant Management Standards. The State must pre-approve the Local Government’s procurement procedures for purchases to be eligible for state or federal funds.
RECORDS MANAGEMENT AND MAINTENANCE 35 A. CONTRACTOR, its officers, agents, employees and subcontractors shall, throughout the term 36 of this Agreement, prepare, maintain and manage records appropriate to the services provided and in 37 accordance with this Agreement and all applicable requirements.
PROFESSIONAL DEVELOPMENT AND EDUCATIONAL IMPROVEMENT A. The Board agrees to implement the following:
Teaching Staff Assigned to More Than One Building Each Educator who is assigned to more than one building will be evaluated by the appropriate administrator where the individual is assigned most of the time. The principal of each building in which the Educator serves must review and sign the evaluation, and may add written comments. In cases where there is no predominate assignment, the superintendent will determine who the primary evaluator will be.
