Isms and Security Management Plan Clause Samples
POPULAR SAMPLE Copied 1 times
Isms and Security Management Plan. Introduction Throughout the Term the Service Provider shall develop, implement, comply with (and ensure that all service provider personnel and Sub-Contractors implement and comply with) and maintain and continuously improve and maintain an ISMS which shall, without prejudice to Paragraphs 2.2 above and 4.1 below, be: approved by the Authority; tested in accordance with Paragraph 4; and periodically updated and audited in accordance with ISO/IEC 27001. The Service Provider shall develop and maintain a Security Management Plan in accordance with this Schedule to apply during the Term (and after the end of the Term as applicable) in both this Framework Agreement and all Call-Off Agreements. The Service Provider shall comply with its obligations set out in the Security Management Plan and the other elements of this Framework Agreement relevant to security (including the Security Requirements). Both the ISMS and the Security Management Plan shall, unless otherwise specified in writing by the Authority, aim to protect all aspects of the Services and all processes associated with the delivery of the Services, including the Sites, the Service Provider System and any ICT, information and data (including the Contracting Body Confidential Information) to the extent used by the Authority, the Contracting Body or the Service Provider in connection with this Framework Agreement. The Service Provider is responsible for monitoring and ensuring that it is aware of changes to the Security Policy Framework. The Service Provider shall keep the Security Management Plan up-to-date with the Security Policy Framework as amended from time to time. Development Within thirty (30) Working Days after the Commencement Date (or such other period specified in the Implementation Plan or as otherwise agreed by the Parties in writing) and in accordance with Paragraphs 3.3 and 3.4 below, the Service Provider shall prepare and deliver to the Authority and (if required by the Authority) the Pan-Government Accreditor for approval a fully complete and up-to-date Security Management Plan, relating specifically to the Services provided under this Framework Agreement. In this instance the “Pan Government Accreditor” refers to the service provided by CESG, the National Technical Authority for Information Assurance, concerned with effective management of information risk associated with adoption of pan-government shared services If the Security Management Plan or any subsequent revision to it in acc...
Isms and Security Management Plan. Introduction The Contractor shall develop, implement, operate, maintain and continuously improve and maintain an ISMS which will, without prejudice to paragraph 2.2, be approved, by the Authority, tested in accordance with the schedule relating to testing procedures (if applicable), periodically updated and audited in accordance with ISO/IEC 27001. The Contractor shall develop and maintain a Security Management Plan in accordance with this Schedule to apply during the term of this Agreement. The Contractor shall comply with its obligations set out in the Security Management Plan. Both the ISMS and the Security Management Plan shall, unless otherwise specified by the Authority, aim to protect all aspects of the Services and all processes associated with the delivery of the Services, including the Authority’s premises, the Sites, the Contractor System and any information and communications technology, information and data (including the Authority Confidential Information and the Authority Data) to the extent used by the Authority or the Contractor in connection with this Agreement. Development Within 20 Working Days after the date of the contract to which these Supplementary Conditions apply and in accordance with paragraph (Amendment and Revision), the Contractor will prepare and deliver to the Authority for approval the full and final Security Management Plan which will be based on the draft Security Management Plan set out in Appendix 1. If the Security Management Plan, or any subsequent revision to it in accordance with paragraph 3.4, is approved by the Authority it will be adopted immediately and will replace the previous version of the Security Management Plan at Appendix 1. If the Security Management Plan is not approved by the Authority the Contractor shall amend it within [10] Working Days of a notice of non-approval from the Authority and re-submit to the Authority for approval. The parties will use all reasonable endeavours to ensure that the approval process takes as little time as possible and in any event no longer than [15] Working Days (or such other period as the parties may agree in writing) from the date of its first submission to the Authority. If the Authority does not approve the Security Management Plan following its resubmission, the matter will be resolved in accordance with any procedures for resolving disputes set out in the General Conditions. No approval to be given by the Authority pursuant to this paragraph of this schedule may...
Isms and Security Management Plan. 5.1 The Contractor shall develop an ISMS and a Security Management Plan which covers the End to End Solution.
Isms and Security Management Plan