SSA Security Posture Sample Clauses

SSA Security Posture. OCSE requires SSA to demonstrate its security posture before receiving NDNH information and, periodically thereafter, by providing a copy of the Authorization to Operate (ATO) for the SSA environment that will house the NDNH information on SSA premises. The SSA ATO was signed on 10/11/2018. OCSE considers the evidence that the SSA environment is in compliance with the security requirements in this security addendum. The effective period for an ATO is three years, which means OCSE maintains the right to request an updated ATO signature if the signature date on file expires during this agreement. SSA is only authorized to process, transmit, and store NDNH information in the SSA environment and premises.
View SourceView Similar (5)
SSA Security Posture. OCSE requires SSA to demonstrate its security posture before receiving NDNH information and, periodically thereafter, by providing a copy of the Authorization to Operate (ATO) for the SSA environment that will house the NDNH information on SSA premises. SSA is only authorized to process, transmit, and store NDNH information in the SSA environment and premises.
View SourceView Similar (2)
SSA Security Posture. OCSE requires SSA to demonstrate its security posture before receiving NDNH information and periodically thereafter, by providing a copy of the Authorization to Operate (ATO) for the SSA environment that will house NDNH information on SSA premises. The SSA ATO was signed on February 25, 2022. OCSE considers this evidence that the SSA environment is in compliance with the security requirements in this security addendum. The effective period for an ATO is three years. SSA must provide a signed ATO letter whenever the ATO signature date on file with OCSE expires during this agreement. Failure to provide an updated ATO may result in the termination of this agreement. SSA is only authorized to process, transmit, and store NDNH information in the SSA environment and premises.
View Source

Related to SSA Security Posture

  • Security Policy As part of PCI DSS, the Card Organizations require that you have a security policy that covers the security of credit card information.

  • Security Policies To the extent the Contractor or its subcontractors, affiliates or agents handles, collects, stores, disseminates or otherwise deals with State Data, the Contractor will have an information security policy that protects its systems and processes and media that may contain State Data from internal and external security threats and State Data from unauthorized disclosure, and will have provided a copy of such policy to the State. The Contractor shall provide the State with not less than thirty (30) days advance written notice of any material amendment or modification of such policies.

  • Security Management The Contractor shall comply with the requirements of the DOD 5200.1-M and the DD Form 254. Security of the Contractor’s electronic media shall be in accordance with the above documents. Effective Program Security shall require the Contractor to address Information Security and Operations Security enabled by the Security Classification Guides. The Contractor’s facility must be able to handle and store material up to the Classification Level as referenced in Attachment J-01, DD Form 254.

  • UNION SECURITY AND CHECKOFF 5:01 It shall be a condition of continued employment for all employees including probationary employees, as defined in Article 2, to become members and maintain membership in good standing in the Union. 5:02 The Corporation agrees to deduct from the earnings of all employees, including probationary employees, covered by this Agreement, an amount each month as dues and upon completion of the probationary period an amount for the initiation fee. The amount of such dues and initiation fees shall be advised in writing by the I.B.E.W., Local 2351 and changes to such amounts shall be advised not less than four (4) weeks prior to the effective date. Dues collected shall be remitted within ten (10) days after each pay period, to the designated official of the Union along with a statement of the names, in alphabetical order, and amounts deducted from each employee. The statement will also include the names of employees whose wages are insufficient to permit such deduction and the Corporation will only be obligated to make such deduction from the immediate subsequent pay period. Employees on recall status must be members in good standing of the Union in order to be recalled. 5:03 The Union agrees that neither it nor any of its officers or members will engage in Union activities on Corporation time, or Corporation work area, except as provided in this Agreement. 5:04 The Union shall indemnify and save the Corporation harmless against any and all claims, demands, suits or other forms of liability that shall arise from or by reason of action taken or not taken by the Corporation for the purpose of complying with this Article. 5:05 The Corporation will submit monthly to the Union a list of the dates of new hires, terminations and transfers to and from the Bargaining Unit for the previous month. 5:06 The Union agrees to furnish the Corporation with the names of all personnel including officers, representatives, stewards and committee people who are authorized to represent the Union in its relations with the Corporation. 5:07 The Corporation agrees to supply all employees with a copy of the Collective Agreement and will endeavour to do so within one (1) month after receipt from the printer. 5:08 The Corporation shall provide bulletin boards in designated areas for the posting of Union notices dealing with meetings, election of officers, appointments and committees, social affairs and other non-controversial matters dealing with the affairs of the Union. No bulletin shall be posted until approved by the Human Resources Division or the designated Corporate representative.

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks. (2) The Information Security Program shall require encryption of any Personal Information in electronic format while in transit or in storage, and enhanced controls and standards for transport and disposal of physical media containing Personal Information. DTI shall, and shall require its agents, contractors and subcontractors who access or use Personal Information or Confidential Information to, regularly test key controls, systems and procedures relating to the Information Security Program ("ISP Tests"). DTI shall advise the Funds of any material issues identified in the ISP Tests potentially affecting the Information Security Program. (3) DTI shall comply with its Information Security Program.