Assigned Security Responsibility. Seller shall designate a security official responsible for the development, Testing – Seller shall regularly test the key controls, systems and procedures of its Information Security Program to ensure that they are properly implemented and effective in addressing the threats and risks identified. Tests should be conducted or reviewed by independent third parties or staff independent of those that develop or maintain the security programs. Adjust the Program – Seller shall monitor, evaluate, and adjust, as appropriate, the Information Security Program in light of any relevant changes in technology or industry security standards, the sensitivity of the Raytheon Data, internal or external threats to Seller or the Raytheon Data, requirements of applicable work orders, and Seller’s own changing business arrangements, such as mergers and acquisitions, alliances and joint ventures, outsourcing arrangements, and changes to information systems.
Appears in 2 contracts