Oversight of Security Compliance Sample Clauses

Oversight of Security Compliance. GRANTEE may require Certified Vendor to comply with its own internal security standards, in addition to any security standards included in the exemplar Participating Entity Service Agreement, and incorporate such standards into the Participating Entity Service Agreement by reference;

Oversight of Security Compliance. Upon Named Entity’s written request, to confirm compliance with this Contact, the RFO, the OAG Information Security Standards (Attachment 4 to the RFO) as well as any applicable laws and industry standards, Vendor shall promptly and accurately complete a written information security questionnaire provided by Named Entity or a third party on the Named Entity’s behalf regarding Vendor’s business practices and information technology environment in relation to all Named Entity Protected Data being handled and/or services being provided by Vendor to Named Entity or any of the Participating Entities pursuant to this Contract or the Incorporated Documents. Vendor shall fully cooperate with such inquiries. Named Entity shall treat the information provided by Vendor in the security questionnaire as Vendor’s confidential, proprietary information under Section 10.1 below.

Oversight of Security Compliance. Upon request, Agency shall grant PLK and the Company, or a third party acting on PLK’s or the Company’s behalf, permission to perform an assessment, audit, examination, or review of controls in Agency’s environment in relation to the Personal Information being handled and/or services being provided to confirm compliance with the Agreement, as well as any applicable laws, regulations, and industry standards. Agency shall fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, and application software that processes, stores, or transports Personal Information pursuant to the Agreement. In addition, upon request, Agency shall provide PLK with the results of any audit performed at Agency’s sole cost and expense that assesses the effectiveness of Agency’s information security program as relevant to the security and confidentiality of Personal Information shared during the course of this Agreement.

Oversight of Security Compliance. At least once per year, Backup Servicer shall conduct site audits of the information technology and information security controls for all facilities used in complying with its obligations under this Agreement. Upon Client’s request, to confirm Backup Servicer’s compliance with this Agreement, as well as any applicable laws, regulations and industry standards, Backup Servicer grants Client or, upon Client’s election, a third party on Client’s behalf, permission to perform an assessment, audit, examination or review of all controls in Backup Servicer’s physical and/or technical environment in relation to all Highly Confidential Information being handled and/or services being provided to Client pursuant to this Agreement. Backup Servicer shall fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure and application software that processes, stores or transports Highly Confidential Information for Client pursuant to this Agreement. Upon Client’s written request, Backup Servicer shall make available to Client for review all of the following, as applicable: Backup Servicer’s latest Payment Card Industry (PCI) Certification Report; SOC2 Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy; and any reports relating to its ISO/ICE 27001 certification. Client shall treat such audit reports as Backup Servicer’s Confidential Information under this Agreement. Any exceptions noted on the SSAE report or other audit reports relating to Highly Confidential Information will be promptly addressed with the development and implementation of a corrective action plan by Backup Servicer’s management. 6.

Oversight of Security Compliance. Upon WWP’s request, CONTRACTOR will allow WWP or, upon WWP’s election, a third party on WWP’s behalf, to perform an assessment of all controls in CONTRACTOR’s environment in relation to all Personal Information being handled pursuant to this Agreement. CONTRACTOR will fully cooperate with such assessment. In addition, upon WWP’s request, CONTRACTOR will provide WWP with the results of any audit by or on behalf of CONTRACTOR performed that assesses the effectiveness of CONTRACTOR's information security program as relevant to the security and confidentiality of Personal Information shared during the course of this Agreement.

Oversight of Security Compliance. (A) The Contractor shall have and maintain a written information security policy that specifies Security Safeguards appropriate to the size and complexity of the Contractor’s operations and the nature and scope of its activities. (B) Upon the County’s written request, to confirm the Contractor’s compliance with this Exhibit E, as well as any applicable laws, regulations and industry standards, the Contractor grants the County or, upon the County’s election, a third party on the County’s behalf, permission to perform an assessment, audit, examination or review of all controls in the Contractor’s physical and technical environment in relation to all Personal Information that is Used by the Contractor pursuant to this Agreement. The Contractor shall fully cooperate with such assessment, audit or examination, as applicable, by providing the County or the third party on the County’s behalf, access to all Authorized Employees and other knowledgeable personnel, physical premises, documentation, infrastructure and application software that is Used by the Contractor for Personal Information pursuant to this Agreement. In addition, the Contractor shall provide the County with the results of any audit by or on behalf of the Contractor that assesses the effectiveness of the Contractor’s information security program as relevant to the security and confidentiality of Personal Information Used by the Contractor or Authorized Persons during the course of this Agreement under this Exhibit E. (C) The Contractor shall ensure that all Authorized Persons who Use Personal Information agree to the same restrictions and conditions in this Exhibit E. that apply to the Contractor with respect to such Personal Information by incorporating the relevant provisions of these provisions into a valid and binding written agreement between the Contractor and such Authorized Persons or amending any written agreements to provide same.

Oversight of Security Compliance a. Upon Smart Start’s request, to confirm Provider’s compliance with this Master Services Agreement, as well as any applicable laws, regulations, and industry standards, Provider grants Smart Start or, upon Smart Start’s election, a third party on Smart Start’s behalf, permission to perform an assessment, audit, examination, or review of all controls in Provider’s physical and/or technical environment in relation to all Confidential Information being Processed and/or Services being provided to Smart Start pursuant to this Master Services Agreement. Provider shall fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, and application software that processes, stores, or transports Confidential Information for Smart Start pursuant to this Master Services Agreement. In addition, upon Smart Start’s request, Provider shall provide Smart Start with the results of any audit by or on behalf of Provider performed that assesses the effectiveness of Provider’s information security program as relevant to the security and confidentiality of Confidential Information shared during the course of this Master Services Agreement. b. Upon Smart Start’s request, to confirm Provider’s compliance with this Master Services Agreement, as well as any applicable laws and industry standards, Provider shall promptly and accurately complete a written information security questionnaire provided by Smart Start, or a third party on Smart Start’s behalf, regarding Provider’s business practices and information technology environment in relation to all Confidential Information being Processed and/or Services being provided by Provider to Smart Start pursuant to this Master Services Agreement. Provider shall fully cooperate with such inquiries.

Oversight of Security Compliance. Upon the District’s written request, to confirm Contractor’s compliance with this Agreement, as well as any applicable laws, regulations, and industry standards, Contractor grants the District or a third party working on behalf of the District permission to perform an assessment, audit, examination, or review of all controls in Contractor’s physical and/or technical environment in relation to all Protected Information being handled by Contractor pursuant to this Agreement. Contractor shall fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, and application software that processes, stores, or transports Protected Information for the District pursuant to this Agreement. In addition, upon the District’s written request, Contractor shall provide the District with the results of any audit by or on behalf of Contractor performed that assesses the effectiveness of Contractor’s information security program as relevant to the security and confidentiality of Protected Information shared under this Agreement.

Oversight of Security Compliance. (a) At least once per year, Vendor shall conduct audits of the information technology and information security controls for all facilities used in complying with its obligations under this Agreement, including, but not limited to, obtaining a network-level vulnerability assessment performed by a recognized third-party audit firm based on recognized industry best practices. (b) Upon City’s written request, Vendor's shall provide information on available audit logs and reports relating to cyber and physical security. (c) Upon City's request, to confirm Vendor’s compliance with this Agreement, as well as any applicable laws, regulations, and industry standards, Vendor grants City or upon City’s election, a third party on City's behalf, permission to perform an assessment, audit, examination, or review of Vendor’s records, and all controls in Vendor’s physical and/or technical environment in relation to the Equipment or Systems and all City Information being handled and/or Equipment or services being provided to City pursuant to this Agreement. Vendor shall fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, and application facilities, equipment, and software that processes, stores, or transports City Information for City pursuant to this Agreement. In addition, upon City 's request, Vendor shall provide City with the results of any audit by or on behalf of Vendor performed that assesses the effectiveness of Vendor's information security program as relevant to the security and confidentiality of Vendor’s Systems, the Equipment, and City Information shared during the course of this Agreement. (d) Upon City 's written request, to confirm compliance with this Agreement, as well as any applicable laws and industry standards, Vendor shall promptly and accurately complete a written information security questionnaire provided by City or a third party on City’s behalf, regarding Vendor's business practices and information technology environment in relation to all City Information being handled and/or services being provided by Vendor to City pursuant to this Agreement. Vendor shall fully cooperate with such inquiries. City shall treat the information provided by Vendor in the security questionnaire as Vendor's Confidential Information. (e) At no charge to City, Vendor shall, at least once each calendar year at no greater than a twelve month interval from the previous audit (such interva...