SECURITY CONTROLS COMPLIANCE TESTING Clause Samples

The SECURITY CONTROLS COMPLIANCE TESTING clause establishes the right to assess and verify that security measures are properly implemented and maintained. Typically, this clause allows one party—often a client or regulator—to conduct audits, inspections, or tests of the other party’s systems and processes to ensure compliance with agreed-upon security standards or policies. By enabling regular or ad hoc reviews of security controls, this clause helps identify vulnerabilities, ensures ongoing adherence to security requirements, and mitigates the risk of data breaches or non-compliance with legal or contractual obligations.
SECURITY CONTROLS COMPLIANCE TESTING. On a periodic basis, VA, including the Office of Inspector General, reserves the right to evaluate any or all of the security controls and privacy practices implemented by the contractor under the clauses contained within the contract. With 10 working-days’ notice, at the request of the government, the contractor must fully cooperate and assist in a government-sponsored security controls assessment at each location wherein VA information is processed or stored, or information systems are developed, operated, maintained, or used on behalf of VA, including those initiated by the Office of Inspector General. The government may conduct a security control assessment on shorter notice (to include unannounced assessments) as determined by VA in the event of a security incident or at any other time.
View SourceView Similar (7)
SECURITY CONTROLS COMPLIANCE TESTING. On a periodic basis, VA, including the Office of Inspector General, reserves the right to evaluate any or all of the security controls and privacy practices implemented by the contractor under the clauses contained within the contract. With 10 working-day’s notice, at the request of the government, the contractor must fully cooperate and assist in a government-sponsored security controls assessment at each location wherein VA information is processed or stored, or information systems are developed, operated, maintained, or used on behalf of VA, including those initiated by the Office of Inspector General. The government may conduct a security control assessment on shorter notice (to include unannounced assessments) as determined by VA in the event of a security incident or at any other time. Contractor/subcontractor employees requiring access to VA information shall complete privacy training annually as required for covered entities under the HIPAA. The COR shall ensure employees complete training within 1 week of the initiation of the contract and annually thereafter, as required. Failure to complete the mandatory annual training annually, within the timeframe required, is grounds for suspension or termination of all physical or electronic access privileges and removal from work on the contract until such time as the training and documents are complete.
View Source
SECURITY CONTROLS COMPLIANCE TESTING. On a periodic basis, VA, including the Office of Inspector General, reserves the right to evaluate any or all of the security controls and privacy practices implemented by the contractor under the clauses contained within the contract. With 10 working-day’s notice, at the request of the government, the contractor must fully cooperate and assist in a government-sponsored security controls assessment at each location wherein VA information is processed or stored, or information systems are developed, operated, maintained, or used on behalf of VA, including those initiated by the Office of Inspector
View Source

Related to SECURITY CONTROLS COMPLIANCE TESTING

  • Internal Controls and Compliance with the ▇▇▇▇▇▇▇▇-▇▇▇▇▇ Act Except as set forth in the General Disclosure Package, the Company, its subsidiaries and the Company’s Board of Directors (the “Board”) are in compliance with all applicable provisions of ▇▇▇▇▇▇▇▇-▇▇▇▇▇ and Exchange Rules. The Company maintains a system of internal controls, including, but not limited to, disclosure controls and procedures, internal controls over accounting matters and financial reporting, an internal audit function and legal and regulatory compliance controls (collectively, “Internal Controls”) that comply with the applicable Securities Laws and are sufficient to provide reasonable assurances that (i) transactions are executed in accordance with management’s general or specific authorizations, (ii) transactions are recorded as necessary to permit preparation of financial statements in conformity with U.S. Generally Accepted Accounting Principles (“GAAP”) and to maintain accountability for assets, (iii) access to assets is permitted only in accordance with management’s general or specific authorization, and (iv) the recorded accounting for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences. The Internal Controls are, or upon consummation of the offering of the Offered Securities will be, overseen by the Audit Committee (the “Audit Committee”) of the Board in accordance with Exchange Rules. The Company has not publicly disclosed or reported to the Audit Committee or the Board, and within the next 135 days the Company does not reasonably expect to publicly disclose or report to the Audit Committee or the Board, a significant deficiency, material weakness, change in Internal Controls or fraud involving management or other employees who have a significant role in Internal Controls, any violation of, or failure to comply with, the Securities Laws, or any matter which, if determined adversely, would result in a Material Adverse Effect.

  • CERTIFICATIONS; DISCLOSURE CONTROLS AND PROCEDURES The Adviser acknowledges that, in compliance with the ▇▇▇▇▇▇▇▇-▇▇▇▇▇ Act of 2002 (the “▇▇▇▇▇▇▇▇-▇▇▇▇▇ Act”), and the implementing regulations promulgated thereunder, the Trust and the Fund are required to make certain certifications and have adopted disclosure controls and procedures. To the extent reasonably requested by the Trust, the Adviser agrees to use its best efforts to assist the Trust and the Fund in complying with the ▇▇▇▇▇▇▇▇-▇▇▇▇▇ Act and implementing the Trust’s disclosure controls and procedures. The Adviser agrees to inform the Trust of any material development related to the Fund that the Adviser reasonably believes is relevant to the Fund’s certification obligations under the ▇▇▇▇▇▇▇▇-▇▇▇▇▇ Act.

  • Controls and Integration The existing RTU is sufficient for the scope of this project. Spare I/O points will be used to accommodate the additions required.

  • Disclosure Controls and Procedures; Deficiencies in or Changes to Internal Control Over Financial Reporting The Company has established and maintains disclosure controls and procedures (as defined in Rules 13a-15 and 15d-15 under the Exchange Act), which (i) are designed to ensure that material information relating to the Company, including its consolidated subsidiaries, is made known to the Company’s principal executive officer and its principal financial officer by others within those entities, particularly during the periods in which the periodic reports required under the Exchange Act are being prepared; (ii) have been evaluated by management of the Company for effectiveness as of the end of the Company’s most recent fiscal quarter; and (iii) are effective in all material respects to perform the functions for which they were established. Since the end of the Company’s most recent audited fiscal year, there have been no significant deficiencies or material weakness in the Company’s internal control over financial reporting (whether or not remediated) and no change in the Company’s internal control over financial reporting that has materially affected, or is reasonably likely to materially affect, the Company’s internal control over financial reporting. The Company is not aware of any change in its internal control over financial reporting that has occurred during its most recent fiscal quarter that has materially affected, or is reasonably likely to materially affect, the Company’s internal control over financial reporting.

  • Internal Controls and Procedures The Company has established and maintains disclosure controls and procedures and internal control over financial reporting (as such terms are defined in paragraphs (e) and (f), respectively, of Rule 13a-15 under the Exchange Act) as required by Rule 13a-15 under the Exchange Act. The Company’s disclosure controls and procedures are reasonably designed to ensure that all material information required to be disclosed by the Company in the reports that it files or furnishes under the Exchange Act is recorded, processed, summarized and reported within the time periods specified in the rules and forms of the SEC, and that all such material information is accumulated and communicated to the Company’s management as appropriate to allow timely decisions regarding required disclosure and to make the certifications required pursuant to Sections 302 and 906 of the ▇▇▇▇▇▇▇▇-▇▇▇▇▇ Act of 2002 (the “▇▇▇▇▇▇▇▇-▇▇▇▇▇ Act”). The Company’s management has completed an assessment of the effectiveness of the Company’s internal controls over financial reporting in compliance with the requirements of Section 404 of the ▇▇▇▇▇▇▇▇-▇▇▇▇▇ Act for the year ended December 31, 2010 and such assessment concluded that such controls were effective. Based on its most recent evaluation of internal controls over financial reporting prior to the date hereof, management of the Company has disclosed to the Company’s auditors and the audit committee of the Company Board (i) any significant deficiencies and material weaknesses in the design or operation of internal controls over financial reporting that are reasonably likely to adversely affect in any material respect the Company’s ability to report financial information and (ii) any fraud, whether or not material, that involves management or other employees who have a significant role in the Company’s internal control over financial reporting, and each such deficiency, weakness and fraud so disclosed to auditors, if any, has been disclosed to Parent prior to the date hereof.