DST Security Assessment Sample Clauses

DST Security Assessment. As part of DST’s Security Assessment, DST will: (i) conduct vulnerability scans and penetration assessments, including activities performed by management and contracted third parties, at least once annually on internal and external systems and applications that may receive, access, process or store Fund Confidential Information at DST’s expense. The penetration test must be performed by an independent third party, or if the penetration test is performed by DST, then it must be performed by a party independent from the team implementing security controls. The scope of the vulnerability and penetration testing must include all production information resources and contingency plans and any other information resources within DST’s organization that interact with, or provide access to, Fund Confidential Information or systems. DST will provide Fund with a letter confirming the testing has been performed. Fund is not permitted to conduct penetration testing or other code scanning on DST’s environment and software; (ii) evaluate the results of the vulnerability scans and Remediate Security Exposures deemed material by DST’s personnel as reasonably appropriate, taking into account facts and circumstances surrounding such issues; (iii) Mitigate Security Exposures discovered and deemed material by DST’s personnel within a reasonably appropriate time period. . (iv) employ automated mechanisms no less than annually to detect the presence of unauthorized software on DST information systems. This must update the list of information system vulnerabilities scanned within every three hundred sixty-five (365) days or when new vulnerabilities are identified and reported. Vulnerability scanning tools and techniques must be employed that promote interoperability among tools and automate parts of the vulnerability management process by using standards for enumerating platforms, software flaws, and improper configurations and formatting, as well as making transparent, checklists and test procedures that measure vulnerability impact; and (v) provide reasonably detailed results for vulnerability and penetration testing relating solely to Fund clients to Fund or a Fund representative. A reasonably detailed summary of results will include: (i) the date the original test was performed; (ii) the name of the company that performed the test if a third party was used; and (iii) the scope of the test, including authenticated or unauthenticated testing.
View SourceView Similar (13)
DST Security Assessment. As part of DST’s Security Assessment, DST will: (i) conduct regular vulnerability scans on externally-facing applications that may receive, access, process or store Trust Confidential Information at DST’s expense; (ii) evaluate the results of the vulnerability scans and Remediate Security Exposures deemed material by DST’s personnel as reasonably appropriate, taking into account facts and circumstances surrounding such issues; and (iii) Mitigate Security Exposures discovered and deemed material by DST’s personnel within a reasonably appropriate time period. In addition, DST will at least once per year, perform penetration testing on its externally-facing systems that may receive, access, process or store Trust Confidential Information, and will provide Trust with a letter confirming the testing has been performed. Trust is not permitted to conduct penetration testing or other code scanning on DST’s environment and software.
View SourceView Similar (9)

Related to DST Security Assessment

  • Security Assessment If Accenture reasonably determines, or in good faith believes, that Supplier’s security practices or procedures do not meet Supplier’s obligations under the Agreement, then Accenture will notify Supplier of the deficiencies. Supplier will without unreasonable delay: (i) correct such deficiencies at its own expense; (ii) permit Accenture, or its duly authorized representatives, to assess Supplier’s security-related activities that are relevant to the Agreement; and (iii) timely complete a security questionnaire from Accenture on a periodic basis upon Accenture’s request. Security issues identified by Accenture will be assigned risk ratings and an agreed-to timeframe to remediate. Supplier will remediate all the security issues identified within the agreed to timeframes. Upon Supplier’s failure to remediate any high or medium rated security issues within the stated timeframes, Accenture may terminate the Agreement in accordance with Section 8 above.

  • Security Assessments Upon advance written notice by the JBE, Contractor agrees that the JBE shall have reasonable access to Contractor’s operational documentation, records, logs, and databases that relate to data security and the Contractor’s Information Security Program. Upon the JBE’s request, Contractor shall, at its expense, perform, or cause to have performed an assessment of Contractor’s compliance with its privacy and data security obligations. Contractor shall provide to the JBE the results, including any findings and recommendations made by Contractor’s assessors, of such assessment, and, at its expense, take any corrective actions.

  • Needs Assessment 1. The Contractor shall conduct a cultural and linguistic group-needs assessment of the eligible client population in the Contractor’s service area to assess the language needs of the population and determine what reasonable steps are necessary to ensure meaningful access to services and activities to eligible individuals. [22 CCR 98310, 98314] The group-needs assessment shall take into account the following four (4) factors: a. Number or proportion of persons with Limited English Proficiency (LEP) eligible to be served or encountered by the program. b. Frequency with which LEP individuals come in contact with the program. c. Nature and importance of the services provided. d. Local or frequently used resources available to the Contractor. This group-needs assessment will serve as the basis for the Contractor’s determination of “reasonable steps” and provide documentary evidence of compliance with Cal. Gov. Code § 11135 et seq.; 2 CCR 11140, 2 CCR 11200 et seq., and 22 CCR98300 et seq. 2. The Contractor shall prepare and make available a report of the findings of the group-needs assessment that summarizes: a. Methodologies used. b. The linguistic and cultural needs of non-English speaking or LEP groups. c. Services proposed to address the needs identified and a timeline for implementation. [22 CCR 98310] 3. The Contractor shall maintain a record of the group-needs assessment on file at the Contractor’s headquarters at all times during the term of this Agreement. [22 CCR 98310, 98313]

  • Joint Assessment If the Premises are not separately assessed, Lessee's liability shall be an equitable proportion of the Real Property Taxes for all of the land and improvements included within the tax parcel assessed, such proportion to be conclusively determined by Lessor from the respective valuations assigned in the assessor's work sheets or such other information as may be reasonably available.

  • No Joint Assessment Borrower shall not, and shall not permit Mortgage Borrower to, suffer, permit or initiate the joint assessment of any Individual Property (a) with any other real property constituting a tax lot separate from such Individual Property, and (b) which constitutes real property with any portion of such Individual Property which may be deemed to constitute personal property, or any other procedure whereby the lien of any taxes which may be levied against such personal property shall be assessed or levied or charged to such real property portion of the Individual Property, except as required by Legal Requirements.