PRINCIPLES OF SECURITY. 2.1 The Contractor acknowledges that the Authority places great emphasis on confidentiality, integrity and availability of information and consequently on the security of the Premises and the security for the Contractor System. The Contractor also acknowledges the confidentiality of Authority Data. 2.2 The Contractor shall be responsible for the security of the Contractor System and shall at all times provide a level of security which: 2.2.1 is in accordance with Good Industry Practice and Law; 2.2.2 complies with HMG Security Policy Framework; and 2.2.3 meets any specific security threats to the Contractor System. 2.3 Without limiting paragraph 2.2, the Contractor shall at all times ensure that the level of security employed in the provision of the Services is appropriate to maintain the following at acceptable risk levels (to be defined by the Authority): 2.3.1 loss of integrity of Authority Data; 2.3.2 loss of confidentiality of Authority Data; 2.3.3 unauthorised access to, use of, or interference with Authority Data by any person or organisation; 2.3.4 unauthorised access to network elements, buildings, the Premises, and tools used by the Contractor in the provision of the Services; 2.3.5 use of the Contractor System or Services by any third party in order to gain unauthorised access to any computer resource or Authority Data; and 2.3.6 loss of availability of Authority Data due to any failure or compromise of the Services. 2.3.7 processing and storage of authority data within the UK or by exception within the EEA. Any processing outside of the UK must be subject to specific approval by the Authority.
Appears in 8 contracts
Sources: Contract for the Provision of Board Effectiveness Review, Contract for the Provision of Pre Retirement Workshops, Contract for the Provision of Services
PRINCIPLES OF SECURITY. 2.1 The Contractor acknowledges that the Authority places great emphasis on confidentiality, integrity and availability of information and consequently on the security of the Premises and the security for the Contractor System. The Contractor also acknowledges the confidentiality of Authority Data.
2.2 The Contractor shall be responsible for the security of the Contractor System and shall at all times provide a level of security which:
2.2.1 is in accordance with Good Industry Practice and Law;
2.2.2 complies with HMG Security Policy Framework; and;
2.2.3 meets any specific security threats to the Contractor System; and
2.2.4 complies with Information Assurance Standards.
2.3 Without limiting paragraph 2.2, the Contractor shall at all times ensure that the level of security employed in the provision of the Goods and/or Services is appropriate to maintain the following at acceptable risk levels (to be defined by the Authority):
2.3.1 loss of integrity of Authority Data;
2.3.2 loss of confidentiality of Authority Data;
2.3.3 unauthorised access to, use of, or interference with Authority Data by any person or organisation;
2.3.4 unauthorised access to network elements, buildings, the Premises, and tools used by the Contractor in the provision of the Goods and/or Services;
2.3.5 use of the Contractor System or Goods and/or Services by any third party in order to gain unauthorised access to any computer resource or Authority Data; and
2.3.6 loss of availability of Authority Data due to any failure or compromise of the Goods and/or Services.
2.3.7 processing and storage of authority data within the UK or by exception within the EEA. Any processing outside of the UK must be subject to specific approval by the Authority.
Appears in 7 contracts
Sources: Contract for Services, Contract for Evaluating the Potential of Constructed Wetland Features, Contract for the Provision of Services
PRINCIPLES OF SECURITY. 2.1 The Contractor acknowledges that the Authority places great emphasis on confidentiality, integrity and availability of information and consequently on the security of the Premises and the security for the Contractor System. The Contractor also acknowledges the confidentiality of Authority Data.
2.2 The Contractor shall be responsible for the security of the Contractor System and shall at all times provide a level of security which:
2.2.1 is in accordance with Good Industry Practice and Law;
2.2.2 complies with HMG Security Policy Framework; and;
2.2.3 meets any specific security threats to the Contractor System; and
2.2.4 complies with Information Assurance Standards.
2.3 Without limiting paragraph 2.2, the Contractor shall at all times ensure that the level of security employed in the provision of the Goods and/or Services is appropriate to maintain the following at acceptable risk levels (to be defined by agreed between the Contractor and Authority):
2.3.1 loss of integrity of Authority Data;
2.3.2 loss of confidentiality of Authority Data;
2.3.3 unauthorised access to, use of, or interference with Authority Data by any person or organisation;
2.3.4 unauthorised access to network elements, buildings, the Premises, and tools used by the Contractor in the provision of the Goods and/or Services;
2.3.5 use of the Contractor System or Goods and/or Services by any third party in order to gain unauthorised access to any computer resource or Authority Data; and
2.3.6 loss of availability of Authority Data due to any failure or compromise of the Goods and/or Services.
2.3.7 processing and storage of authority data within the UK or by exception within the EEA. Any processing outside of the UK must be subject to specific approval by the Authority.
Appears in 2 contracts
Sources: Contract for the Provision of Services, Contract for the Provision of Services