Security Management. The Contractor shall comply with the requirements of the DOD 5200.1-M and the DD Form 254. Security of the Contractor’s electronic media shall be in accordance with the above documents. Effective Program Security shall require the Contractor to address Information Security and Operations Security enabled by the Security Classification Guides. The Contractor’s facility must be able to handle and store material up to the Classification Level as referenced in Attachment J-01, DD Form 254.
Security Management. 7.4.4. Within three (3) months after the Effective Date, the CONTRACTOR will prepare and deliver to the CUSTOMER for approval full documentation of the processes listed at paragraphs 8.4.2 and 8.4.3 of this Schedule and to a standard sufficient to achieve ISO 20000 certification. If the documentation is not approved by the CUSTOMER, the CONTRACTOR shall amend it within fifteen (15) Working Days of a notice of non- approval and re-submit to the CUSTOMER for approval. No approval to be given by the CUSTOMER pursuant to this paragraph 8.4.4 may be unreasonably withheld or delayed.
Security Management a. Security policy and procedures: Processor must document a security policy with regard to the processing of personal data.
Security Management. Partner maintains a written information security management system (ISMS), in accordance with this Appendix, that includes policies, processes, enforcement and controls governing all storage/processing/transmitting of Personal Data, designed to (a) secure Personal Data against accidental or unlawful loss, access or disclosure; (b) identify reasonable foreseeable and internal risks to security and authorized access to Partner Network, and (c) minimize security risks, including through risk assessment and regular testing. The information security program will include the following measures: Partner actively follows information security trends and developments as well as legal developments with regards to the services provided and especially with regards to Personal Data and uses such insights to maintain its ISMS, as appropriate. To the extent Partner process cardholder or payment data (such as payment or credit cards), Partner will maintain its ISMS in accordance with the PCI DSS standard, augmented to cover Personal Data, or such other alternative standards that are substantially equivalent to PCI DSS for the establishment, implementation, and control of its ISMS. Additionally, Partner will be assessed against PCI DSS annually by an on-site assessment carried out by an independent QSA (Qualified Security Assessor) and upon Company's request, not to exceed once annually, Partner will provide customer with PCI DSS Attestation of Compliance.
Security Management. Ensuring desired levels of protection for Federal systems, data, and related assets are achieved (e.g., identification/authentication, access control, encryption, intrusion detection, verification, digital signature, user management, role/privilege management, audit trail capture/analysis). Collaboration: Communications, messaging, information sharing, scheduling and task management activities (e.g., email, threaded discussions, document library, shared calendaring, task management). Search: Searching, querying, and retrieving data from multiple sources (e.g., precision/recall ranking, classification, pattern matching) Communications: Voice, data, and video communications in multiple formats and protocols (e.g., real time chat, instant messaging, audio/video conferencing, event/news management, community management support, computer/telephony integration, voice communications).
Security Management. Service Provider's delivery of Security Management shall be an integral part of the other IT disciplines and deployed across all Service Components to ensure that requirements, as defined in Exhibit 17, are met and verified. Security Management shall assess all risks associated with the delivery of Services are appropriately identified, evaluated, assessed and appropriate controls are implemented and maintained. Service Provider’s responsibilities include:
Security Management. The Contractor shall appoint a senior official to act as the Corporate Security Officer. The individual will interface with OSI through the COR on all security matters, to include physical, personnel, and protection of all Government information and data accessed by the Contractor. The COR and OSI shall have the right to inspect the procedures, methods, and facilities utilized by the Contractor in complying with the security requirements under this contract. Should the COR determine that the Contractor is not complying with the security requirements of this contract the Contractor will be informed in writing by the Contracting Officer of the proper action to be taken in order to effect compliance with such requirements. The Contractor shall be responsible for all damage or injuries resulting from the acts or omissions of their employees and/or any subcontractor(s) and their employees to include financial responsibility.
Security Management. The Contractor shall appoint a senior official to act as the Corporate Security Officer. The individual will interface with the OPR-PSU through the COTR on all security matters, to include physical, personnel, and protection of all Government information and data accessed by the Contractor. The COTR and the OPR-PSU shall have the right to inspect the procedures, methods, and facilities utilized by the Contractor in complying with the security requirements under this contract. Should the COTR determine that the Contractor is not complying with the security requirements of this contract, the Contractor will be informed in writing by the Contracting Officer of the proper action to be taken in order to effect compliance with such requirements. The following computer security requirements apply to both Department of Homeland Security (DHS) operations and to the former Immigration and Naturalization Service operations (FINS). These entities are hereafter referred to as the Department.
Security Management. All services provided by Planet Payment to Acquirer are subject to the security requirements stipulated in the main body of the Agreement. Planet Payment will treat all security incidents as critical incidents and include all security incidents (if any) in the regular reporting with all critical incidents.
Security Management. 3.1 The Operator shall operate a security management function in relation to the Operator Systems. This shall include having:
