Operations Security Sample Clauses

Operations Security. To the extent the Contractor or its subcontractors, affiliates or agents handles, collects, stores, disseminates or otherwise deals with State Data, the Contractor shall cause an SSAE 18 SOC 2 Type 2 audit report to be conducted annually. The audit results and the Contractor’s plan for addressing or resolution of the audit results shall be shared with the State within sixty (60) days of the Contractor's receipt of the audit results. Further, on an annual basis, within 90 days of the end of the Contractor’s fiscal year, the Contractor shall transmit its annual audited financial statements to the State.

Operations Security. 12.4.2.1 On the Commercial Operations Date, the Seller shall provide to the Purchaser security ("Operations Security") in the amount of [◆] to ensure the completion and proper operation and maintenance of the Plant. The Operations Security shall be: (a) an unconditional and irrevocable direct pay letter of credit issued by a bank acceptable to the Purchaser in form and substance satisfactory to the Purchaser; and (b) adjusted in terms of amount from time to time in accordance with [Schedule 5 -]. Adjustments to be considered in a case-by-case basis. 12.4.2.2 The Operations Security may be applied to: (a) the payment of liquidated damages and accrued interest thereon in accordance with Clause 12.5; and (b) the payment of other Damages and interest that the Seller shall be required to pay to the Purchaser. 12.4.2.3 Except as expressly provided in this Agreement, the Seller shall maintain the Operations Security at the level designated in Clause 12.4.2.1 at all times; except that the Seller may have [◆] Days from the date the Purchaser gives notice to the Seller that it has retained or collected funds from the Operations Security pursuant to this Clause 12.4.2 to replenish the Operations Security so as to return it to the required level, as escalated. 12.4.2.4 Upon termination of this Agreement: (a) the Purchaser shall be entitled to retain or collect, as the case may be, from the Operations Security any Damages or moneys then due or reasonably expected to be due to the Purchaser by the Seller and shall pay or return to the Seller the remainder of the Operations Security and accrued interest, if any; and (b) if there is any matter between the Seller and the Purchaser that has been referred to an expert for determination or is being arbitrated pursuant to the Agreement, then the Purchaser shall be entitled to retain or collect, as the case may be, from the Operations Security, an amount equal to the Damages or moneys that the Purchaser, in its reasonable judgment, deems sufficient to satisfy any amount that may be due to the Purchaser by reason of such matter. Upon settlement or resolution of the matter, the Purchaser shall pay or return to the Seller the remaining amount of Operations Security.

Operations Security. As applicable to the performance of any service pursuant to which the Contractor will receive or collect State Data, as outlined in a Statement of Work, or a Purchase Order, or any other form of ordering document hereunder, the Contractor shall work with the State to determine the appropriate security model and compliance assessment for any such services. Further, on an annual basis, within 90 days of the end of the Contractor’s fiscal year, the Contractor shall transmit its annual audited financial statements to the State.

Operations Security. To the extent the Contractor or its subcontractors, affiliates or agents handles, collects, stores, disseminates or otherwise deals with State Data, the Contractor shall cause an SSAE 18 SOC 2 Type 2 audit report to be conducted annually. Upon the State’s request and the execution of an appropriate non-disclosure agreement, Contractor will share the audit results and the Contractor’s plan for addressing or resolution of the audit results. shall be shared with the State within sixty (60) days of the Contractor's receipt of the audit

Operations Security. The Contractor shall cause an SSAE 16 SOC 2 Type 2 audit report to be conducted annually. The audit results and the Contractor’s plan for addressing or resolution of the audit results shall be shared with the State within sixty (60) days of the Contractor's receipt of the audit results. Further, on an annual basis, within 90 days of the end of the Contractor’s fiscal year, the Contractor shall transmit its annual audited financial statements to the State.

Operations Security. The Company shall have an established change management system in place for making changes to business processes, information processing facilities and systems. The change management system shall include tests and reviews before changes are implemented, such as procedures to handle urgent changes, roll back procedures to recover from failed changes, logs that show, what has been changed, when and by whom. The Company shall implement malware protection to ensure that any software used for Company’s provision of the Services to the Customer is protected from malware. The Company shall make backup copies of critical information and test back-up copies to ensure that the information can be restored as agreed with the Customer. The Company shall log and monitor activities, such as create, reading, copying, amendment and deletion of processed data, as well as exceptions, faults and information security events and regularly review these. Furthermore, the Company shall protect and store (for at least 6 months or such period/s set by Data Protection Law) log information, and on request, deliver monitoring data to the Customer. Anomalies / incidents / indicators of compromise shall be reported according to the data breach management requirements as set out in clause 9, below. The Company shall manage vulnerabilities of all relevant technologies such as operating systems, databases, applications proactively and in a timely manner. The Company shall establish security baselines (hardening) for all relevant technologies such as operating systems, databases, applications. The Company shall ensure development is segregated from test and production environment.

Operations Security. The Service Provider shall cause an SSAE 16 SOC 2 Type 2 audit report to be conducted annually. The audit results and the Service Provider’s plan for addressing or resolution of the audit results shall be shared with the Customer within sixty (60) days of the Service Provider 's receipt of the audit results. Further, on an annual basis, within 90 days of the end of the Service Provider’s fiscal year, the Service Provider shall transmit its annual audited financial statements to the State.

Operations Security. 7.1. Changes to production environments are controlled in line with ▇▇▇▇ & ▇▇▇▇▇▇’▇ IT Change Management Policy. 7.2. Malware detection, prevention, and recovery controls to protect against are in place via a next generation anti-malware solution. 7.3. A comprehensive patch management process is in place. Patches and security updates are deployed monthly, or more frequently if a significant security risk is identified. Patch management is subject to IT Change Control and the IT Change Management Process. 7.4. A technical vulnerability management programme is in place including an ongoing programme of remediation. Vulnerabilities are identified via internal and external infrastructure scans, quarterly PCI-DSS ASV scans and penetration tests. 7.5. A comprehensive annual penetration test programme is in place, carried out by CREST accredited independent penetration testers.

Operations Security. ● Processor maintains policies describing its security measures and the relevant procedures and responsibilities of its personnel who have access to Customer Data and to its systems and networks. ● Processor maintains multiple copies of Customer Data from which Customer Data can be recovered in case of a breach. ● Processor maintains logs and monitors access to administrator and operator activity and data recovery events.