Information Security Plan. Contractor shall establish, implement, and at all times during the term of the Agreement, maintain administrative, physical and technical safeguards that reasonably and appropriately protect the privacy, confidentiality, integrity and availability of CalSTRS Information (hereinafter, “Information Security Plan”). When requested by CalSTRS, Contractor shall provide a copy of its Information Security Plan to CalSTRS. Contractor’s Information Security Plan shall: (i) comply with applicable state, federal and international laws; (ii) meet or exceed the Federal Information Processing Standards Publication 199 protection levels, and (iii) include each of the Center for Internet Security’s Critical Security Controls (available at ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇.▇▇▇/▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇.▇▇▇).
Appears in 5 contracts
Sources: Request for Offer, Technology Services Agreement, Technology Services Agreement