Vulnerability management service Sample Clauses

Vulnerability management service. 1720 6.6.1.1 Scope 1721 The vulnerability management service shall cover the entire IT service portfolio for the FWC. 1722 The following tasks shall be performed in the scope of this service: 1723  Vulnerability monitoring (proactive security monitoring) 1724 o Continuous monitoring of different security sources of vulnerability information to 1725 identify new published software vulnerabilities. Also, active monitoring of new 1726 information5 related to older vulnerabilities which are still open (=not yet 1727 remediated). 1728 o Regular (at least quarterly) vulnerability checks, e.g. by performing vulnerability 1729 and network scans, for all the systems belong to IT service portfolio, including 1730 managed networks. Missing security patches, misconfiguration and obsolete 1731 technologies shall belong to the scope of the checks. 1732  Vulnerability analysis. All the vulnerabilities shall be analysed without delay. ECHA 1733 specific criticality and urgency of the remediation actions shall be assessed by 1734 contextualising the vulnerability in ECHA environment and by taking into account (other) 1735 security measures and compensating factors in place. The criticality and urgency 1736 assessment shall be updated if further information is disclosed 1737  A proposal for remediation actions (e.g. remediated as a part of the standard regular 1738 patching or by initiating an emergency patching, a configuration change as a standard or 1739 emergency change etc.) shall be prepared and clearly communicated to ECHA. In case 5 for example if an exploit to abuse the vulnerability is published or if there is a new malware widely spreading via this hole 1740 that a primary remediation action is not yet available or cannot be applied to a critical 1741 vulnerability (e.g. if a patch is not yet available), possible temporary mitigation actions 1742 shall be assessed and proposed 1743  Follow-up and metrics. The Contractor shall follow up the remediation actions and 1744 maintain a list of the open vulnerabilities. The Contractor shall adopt metrics on 1745 vulnerability management (e.g. number of open vulnerabilities or mitigation time for the 1746 critical vulnerabilities). Whenever the metrics reveal systematic issues, a root cause 1747 assessment shall be carried out according to the model for Problem Management defined 1748 in ITIL. 1749 6.6.1.2 Objectives 1750 The main objective of the service is to detect and remediate vulnerabilities that exist in the 17...
Sample 1
AutoNDA by SimpleDocs

Related to Vulnerability management service

  • Vulnerability Management BNY Mellon will maintain a documented process to identify and remediate security vulnerabilities affecting its systems used to provide the services. BNY Mellon will classify security vulnerabilities using industry recognized standards and conduct continuous monitoring and testing of its networks, hardware and software including regular penetration testing and ethical hack assessments. BNY Mellon will remediate identified security vulnerabilities in accordance with its process.

  • Project Management Services Contractor shall provide business analysis and project management services necessary to ensure technical projects successfully meet the objectives for which they were undertaken. Following are characteristics of this Service:

  • Infrastructure Vulnerability Scanning Supplier will scan its internal environments (e.g., servers, network devices, etc.) related to Deliverables monthly and external environments related to Deliverables weekly. Supplier will have a defined process to address any findings but will ensure that any high-risk vulnerabilities are addressed within 30 days.

  • Restricted Use By Outsourcers / Facilities Management, Service Bureaus or Other Third Parties Outsourcers, facilities management or service bureaus retained by Licensee shall have the right to use the Product to maintain Licensee’s business operations, including data processing, for the time period that they are engaged in such activities, provided that: 1) Licensee gives notice to Contractor of such party, site of intended use of the Product, and means of access; and 2) such party has executed, or agrees to execute, the Product manufacturer’s standard nondisclosure or restricted use agreement which executed agreement shall be accepted by the Contractor (“Non-Disclosure Agreement”); and 3) if such party is engaged in the business of facility management, outsourcing, service bureau or other services, such third party will maintain a logical or physical partition within its computer system so as to restrict use and access to the program to that portion solely dedicated to beneficial use for Licensee. In no event shall Licensee assume any liability for third party’s compliance with the terms of the Non-Disclosure Agreement, nor shall the Non-Disclosure Agreement create or impose any liabilities on the State or Licensee. Any third party with whom a Licensee has a relationship for a state function or business operation, shall have the temporary right to use Product (e.g., JAVA Applets), provided that such use shall be limited to the time period during which the third party is using the Product for the function or business activity.

  • Financial Management Services ‌ Definition: Financial Management Services includes the planning, directing, monitoring, organizing, and controlling of the monetary resources of an organization. Examples: Service areas that are included under the Financial Management Services discipline include, but are not limited to the following:

  • Security Management The Contractor shall comply with the requirements of the DOD 5200.1-M and the DD Form 254. Security of the Contractor’s electronic media shall be in accordance with the above documents. Effective Program Security shall require the Contractor to address Information Security and Operations Security enabled by the Security Classification Guides. The Contractor’s facility must be able to handle and store material up to the Classification Level as referenced in Attachment J-01, DD Form 254.

  • Outpatient Services The following services are covered only at the Primary Care Provider’s office[selected by a [Member], or elsewhere [upon prior written Referral by a [Member]'s Primary Care Provider ]:

  • STATEWIDE CONTRACT MANAGEMENT SYSTEM If the maximum amount payable to Contractor under this Contract is $100,000 or greater, either on the Effective Date or at any time thereafter, this section shall apply. Contractor agrees to be governed by and comply with the provisions of §§00-000-000, 00-000-000, 00-000-000, and 00- 000-000, C.R.S. regarding the monitoring of vendor performance and the reporting of contract information in the State’s contract management system (“Contract Management System” or “CMS”). Contractor’s performance shall be subject to evaluation and review in accordance with the terms and conditions of this Contract, Colorado statutes governing CMS, and State Fiscal Rules and State Controller policies.

  • Inpatient Services Hospital This plan covers services provided while inpatient in a general or specialty hospital including, but not limited to the following: • anesthesia; • diagnostic tests and lab services; • dialysis; • drugs; • intensive care/coronary care; • nursing care; • physical, occupational, speech and respiratory therapies; • physician’s services while hospitalized; • radiation therapy; • surgery related services; and • room and board. Notify us if you are admitted from the emergency room to a hospital that is not in our network. Our Customer Service Department can assist you with any questions you may have about your coverage. Rehabilitation Facility This plan covers rehabilitation services received in a general hospital or specialty hospital. Coverage is limited to the number of days shown in the Summary of Medical Benefits.

  • Quality Management Grantee will:

Time is Money Join Law Insider Premium to draft better contracts faster.