XXXXXXXX’S INFORMATION SECURITY PLAN AND RESPONSIBILITIES. A. Supplier acknowledges that UC must comply with information security standards as required by law, regulation, and regulatory guidance, as well as by UC’s internal security program that protects Institutional Information and IT Resources.