ENTERPRISE SECURITY SPECIFICATIONS Clause Samples

The Enterprise Security Specifications clause defines the security standards and requirements that an organization must follow to protect its information systems and data. It typically outlines specific technical and procedural safeguards, such as encryption protocols, access controls, and regular security audits, that must be implemented by the enterprise and its vendors. By establishing clear security expectations, this clause helps prevent data breaches and ensures compliance with industry regulations, thereby reducing the risk of unauthorized access or data loss.
ENTERPRISE SECURITY SPECIFICATIONS. A. Each Participating Agency agrees: 1. To implement and maintain a security program that, at a minimum, includes all controls identified in NIST Special Publication 800-171. Furthermore, each Participating Agency shall be responsible for maintaining a secure environment compliant with state policies, standards and guidelines, and other applicable federal and state law that supports the Transmission of Data in compliance with the Specifications. 2. To comply with additional safeguards recommended by the Data Governing Board and/or required by the Executive Board, including but not limited to encryption of Data in transit and at rest using current industry standard algorithms agreed on by the Parties involved before transmission occurs. 3. As appropriate under applicable federal and state law, have written privacy and security policies, including Access and Disclosure policies. 4. To the extent permissible under applicable federal and state law, comply with Specifications that define expectations with respect to data privacy and security standards in this E-MOU. B. The Data Integration Hub agrees: 1. To implement and maintain a security program that, at a minimum, includes all controls identified in NIST Special Publication 800-171. 2. That each Participating Agency shall, through its agents, employees, and independent contractors have the ability to audit the processes at the Data Integration Hub related to this E-MOU for Data security purposes: to clarify, the Participating Agency has the ability to monitor the access to and use of the Data Integration Hub, but not the records or the Data being provided 3. That all Data from each Participating Agency, in the possession of the Data Integration Hub, shall be encrypted at rest (storage) and in motion (Transmittal) including all Participating Agency Data sent to the Data Recipient. 4. To develop procedures to notify Participating Agencies when a breach or suspected breach of the Data Integration Hub has occurred. C. In accordance with applicable federal and state law, each Party shall be responsible for procuring and assuring that its User(s) have or have access to equipment and software necessary to fulfill its responsibilities under this E-MOU.
View SourceView Similar (6)

Related to ENTERPRISE SECURITY SPECIFICATIONS

  • DAF Specifications Developer shall submit initial specifications for the DAF, including System Protection Facilities, to Connecting Transmission Owner and NYISO at least one hundred eighty (180) Calendar Days prior to the Initial Synchronization Date; and final specifications for review and comment at least ninety (90) Calendar Days prior to the Initial Synchronization Date. Connecting Transmission Owner and NYISO shall review such specifications to ensure that the DAF are compatible with the technical specifications, operational control, and safety requirements of the Connecting Transmission Owner and NYISO and comment on such specifications within thirty (30) Calendar Days of Developer’s submission. All specifications provided hereunder shall be deemed to be Confidential Information.

  • Technical Specifications The purpose of the Technical Specifications (TS), is to define the technical characteristics of the Goods and Related Services required by the Procuring Entity. The Procuring Entity shall prepare the detailed TS consider that:

  • Information Technology Enterprise Architecture Requirements If this Contract involves information technology-related products or services, the Contractor agrees that all such products or services are compatible with any of the technology standards found at ▇▇▇▇▇://▇▇▇.▇▇.▇▇▇/iot/2394.htm that are applicable, including the assistive technology standard. The State may terminate this Contract for default if the terms of this paragraph are breached.

  • Enterprise Information Management Standards Performing Agency shall conform to HHS standards for data management as described by the policies of the HHS Chief Data and Analytics Officer. These include, but are not limited to, standards for documentation and communication of data models, metadata, and other data definition methods that are required by HHS for ongoing data governance, strategic portfolio analysis, interoperability planning, and valuation of HHS System data assets.

  • The Specifications The Specifications are that portion of the Contract Documents consisting of the written requirements for materials, equipment, systems, standards and workmanship for the Work, and performance of related services.