Contractor’s Information Security Representations and Warranties. a. Contractor warrants that any material information relating to any security incidents (i.e. any data breach triggering a legal duty of notification) from the past five (5) years has been disclosed to CalSTRS. b. Contractor shall disclose any legal or regulatory actions pending against Contractor relating to an Incident, and to Contractor’s actual knowledge, also disclose if there are any legal or regulatory actions threatened against Contractor relating to an Incident. c. Contractor warrants that there will be no processing, storage, or transmission of CalSTRS Information by third parties (fourth parties to CalSTRS) not approved by CalSTRS in writing. Contractor shall direct any approved third party to adhere to the provisions of this Addendum. Contractor will provide copies of its fourth-party risk management policies to CalSTRS upon request. d. Contractor represents and warrants that it shall employ or contract with and retain at all times sufficient personnel qualified or paid security service to maintain and execute its Information Security Plan.
Appears in 5 contracts
Sources: Request for Offer, Technology Services Agreement, Technology Services Agreement