Application Source Code Security Sample Clauses

Application Source Code Security. Contractor shall: 1. Implement all security requests and password reset requests associated with applications code subject to IOT and State Entity User approval on all data or information requests 2. Install, when required, and maintain source control software in compliance with IOT’s standards and methodology. 3. Monitor and restrict access to source code and IOT Data in accordance with IOT policies 4. Comply with Ad Hoc, annual audit, and regulatory requests 5. Perform IOT Data/source code security audits, and report test results 6. Immediately report any security violations to IOT 7. Promptly report to IOT any SSAE-18 compliance issues or e-discovery issues as such issues become known to the Contractor. Contractor must create a security risk assessment for new and modified applications to identify potential threats and vulnerabilities and proposed prevention measures.

Application Source Code Security a. IBM will: (1) implement VMU approved security and password change requirements associated with Application code and executable modules; (2) monitor and restrict access to Application source code and data; (3) upon VMU’s request, comply with ad hoc, annual audit and regulatory requests; (4) perform Application source code and data security audits and provide such results to VMU; and (5) report security violations. b. VMU will provide requirements for IBM to comply with ad hoc, annual audit and regulatory requests.