Security Policy Framework Clause Samples

The Security Policy Framework clause establishes the standards and procedures that an organization must follow to protect its information and systems from security threats. It typically outlines the required security controls, roles and responsibilities, and compliance measures that employees and contractors must adhere to, such as password protocols, data encryption, and incident reporting processes. By providing a structured approach to managing security risks, this clause ensures that all parties understand their obligations and helps prevent unauthorized access, data breaches, and other security incidents.
Security Policy Framework. The parties agree to enter into a confidential relationship with respect to the disclosure of certain sensitive, proprietary or protected information ("Sensitive Information").
View SourceView Similar (6)
Security Policy Framework. The whole SPF is provided for Contractors’ reference, however, Contractors’ should complete the questions highlighted in yellow for submission with their Tender.
View Source
Security Policy Framework. The Supplier shall evidence working towards compliance with SPF minimum mandatory measures (as contained within this clause S3-30) and shall ensure that controls are in place relevant to the BIL of DfE Data before the contract. The Supplier shall record compliance, and evidence of such compliance, with its obligations under this Schedule 7, using a self-assessment checklist (“Self-Assessment Checklist”) satisfactory to DfE and shall make available to DfE an updated Self-Assessment Checklist: (i) on or by the date for the Security Document and Business Continuity Plans to be completed; and (ii) promptly following a change: in the operational requirements of the National Curriculum Tests programme; or to one or more SPF minimum mandatory measures. Each Self-Assessment Checklist shall include details of: whether the Supplier is compliant with each requirement of this clause S3-30 (each, a “Requirement”); evidence supporting the Supplier’s compliance with each Requirement; actions taken by the Supplier to mitigate any non-compliance with each Requirement; the risk caused to the Supplier and DfE due to any non-compliance with each Requirement; and the named person(s) in the Supplier’s organisation who are responsible for ensuring compliance with each Requirement. For the purposes of completing the Self-Assessment Checklist, as at 17 June 2009, the BIL rating of NCT data is BIL3.
View Source

Related to Security Policy Framework

  • Security Policy As part of PCI DSS, the Card Organizations require that you have a security policy that covers the security of credit card information.

  • Security Policies To the extent the Contractor or its subcontractors, affiliates or agents handles, collects, stores, disseminates or otherwise deals with State Data, the Contractor will have an information security policy that protects its systems and processes and media that may contain State Data from internal and external security threats and State Data from unauthorized disclosure, and will have provided a copy of such policy to the State. The Contractor shall provide the State with not less than thirty (30) days advance written notice of any material amendment or modification of such policies.

  • Safety Policy Each employer is required by law to have a safety policy and program. TIR will ask for and may require a copy of that policy and program.

  • Security Program Contractor will develop and implement an effective security program for the Project Site, which program shall require the Contractor and subcontractors to take measures for the protection of their tools, materials, equipment, and structures. As between Contractor and Owner, Contractor shall be solely responsible for security against theft of and damage of all tools and equipment of every kind and nature and used in connection with the Work, regardless of by whom owned.

  • Summary of Policy and Prohibitions on Procurement Lobbying Pursuant to State Finance Law §139-j and §139-k, this Contract includes and imposes certain restrictions on communications between OGS and a Vendor during the procurement process. A Vendor is restricted from making contacts from the earliest notice of intent to solicit offers/bids through final award and approval of the Procurement Contract by OGS and, if applicable, the Office of the State Comptroller (“restricted period”) to other than designated staff unless it is a contact that is included among certain statutory exceptions set forth in State Finance Law §139-j(3)(a). Designated staff, as of the date hereof, is identified in Appendix G, Contractor and OGS Information, or as otherwise indicated by OGS. OGS employees are also required to obtain certain information when contacted during the restricted period and make a determination of the responsibility of the Vendor pursuant to these two statutes. Certain findings of non-responsibility can result in rejection for contract award and in the event of two findings within a four-year period; the Vendor is debarred from obtaining governmental Procurement Contracts. Further information about these requirements can be found on the OGS website: ▇▇▇▇://▇▇▇.▇▇▇.▇▇.▇▇▇/aboutOgs/regulations/defaultSFL_139j-k.asp.