Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data. 13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations. 13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested. 13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form. 13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss. 13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with: 13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy: 13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets 13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: 13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: 13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles 13.6.6 buyer requirements in respect of AI ethical standards. 13.7 The Buyer will specify any security requirements for this project in the Order Form. 13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer. 13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure. 13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 7 contracts
Sources: Call Off Contract, Call Off Contract, Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇-
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-management- approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technology- code-of-practice/technology -code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 7 contracts
Sources: Call Off Contract, Call Off Contract, Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security - Classification policy:: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇- security-classifications
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive/sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technologycode-of- practice/technology -code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 2 contracts
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇- classifications
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technology-code-of- practice/technology-code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 2 contracts
Sources: Call Off Contract, Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance:
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technology-code-of- practice/technology-code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 2 contracts
Sources: Call Off Contract, Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance:
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint:
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 2 contracts
Sources: Call Off Contract, Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security - Classification policy:
: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇ 13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-management- approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive/sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technologycode-of-practice/technology
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 2 contracts
Sources: Call Off Contract, Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇- securityclassifications 13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach risk- managementapproach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-and- assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint:
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 13.1 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 13.2 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 13.3 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies policy and all Buyer requirements in the Order Form.
13.5 13.4 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 13.5 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 : ● the principles in the Security Policy Framework: Framework at ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policypolicy at ▇▇▇▇▇:
13.6.2 //▇▇▇.▇▇▇.▇▇/government/publications/government-security-classifications ● guidance issued by the Centre for Protection of National Infrastructure on Risk Management: Management at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection Accreditation of Sensitive Information and Assets: Systems at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 and- assets ● the National Cyber Security Centre’s (NCSC) information risk management guidance, available at ▇▇▇▇▇:
13.6.4 //▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/risk-management-collection ● government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint, available at ▇▇▇▇▇:
13.6.5 //▇▇▇.▇▇▇.▇▇/government/publications/technology-code- of-practice/technology-code-of-practice ● the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: guidance at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-security- principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 13.6 The Buyer will specify any security requirements for this project in the Order Form.
13.8 13.7 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 13.8 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 13.9 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 13.1 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 13.2 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 13.3 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer▇▇▇▇▇’s security policies policy and all Buyer requirements in the Order Form.
13.5 13.4 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 13.5 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 : ● the principles in the Security Policy Framework: Framework at ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policypolicy at ▇▇▇▇▇:
13.6.2 //▇▇▇.▇▇▇.▇▇/government/publications/government-security- classifications ● guidance issued by the Centre for Protection of National Infrastructure on Risk Management: Management at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection Accreditation of Sensitive Information and Assets: Systems at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 assets ● the National Cyber Security Centre’s (NCSC) information risk management guidance, available at ▇▇▇▇▇:
13.6.4 //▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/risk-management-collection ● government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint, available at ▇▇▇▇▇:
13.6.5 //▇▇▇.▇▇▇.▇▇/government/publications/technology-code-of-practice/technology- code-of-practice ● the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: guidance at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-security- principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 13.6 The Buyer will specify any security requirements for this project in the Order Form.
13.8 13.7 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 13.8 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 13.9 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint:
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance:
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technology-code-of- practice/technology-code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s 's and Buyer’s 's security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s 's (NCSC) information risk management guidance:
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technology-code-of-practice/technology
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s 's Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer▇▇▇▇▇’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance:
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technology-code-of-practice/technology-code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data. Standards and quality
14.1 The Supplier will comply with any standards in this Call-Off Contract, the Order Form and the Framework Agreement.
14.2 The Supplier will deliver the Services in a way that enables the Buyer to comply with its obligations under the Technology Code of Practice, which is at: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technology-code-of-practice/technology-code-of-practice
14.3 If requested by the Buyer, the Supplier must, at its own cost, ensure that the G-Cloud Services comply with the requirements in the PSN Code of Practice.
14.4 If any PSN Services are Subcontracted by the Supplier, the Supplier must ensure that the services have the relevant PSN compliance certification.
14.5 The Supplier must immediately disconnect its G-Cloud Services from the PSN if the PSN Authority considers there is a risk to the PSN’s security and the Supplier agrees that the Buyer and the PSN Authority will not be liable for any actions, damages, costs, and any other Supplier liabilities which may arise. Open source
15.1 All software created for the Buyer must be suitable for publication as open source, unless otherwise agreed by the Buyer.
15.2 If software needs to be converted before publication as open source, the Supplier must also provide the converted format unless otherwise agreed by the Buyer.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-policy- framework and the Government Security - Classification policy:
: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇- security-classifications 13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-management- approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive/sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk- management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technologycode-of- practice/technology -code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-security- principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
: 13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇ 13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach risk- managementapproach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technologycode-of-practice/technology
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security - Classification policy:
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and/sensitiveinformation-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technologycode-ofpractice/technology -code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-policy- framework and the Government Security Classification policy:
: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇- securityclassifications 13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach risk- managementapproach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-/protection- sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk- management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technologycode-of- practice/technology -code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇- classifications
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance:
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technology-code-of- practice/technology-code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance:
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint:
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇- securityclassifications 13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach risk- managementapproach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-and- assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technologycode-of- practice/technology -code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint:
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇ 13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach risk- managementapproach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technologycode-of-practice/technology
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: G Cloud 13 Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach risk- managementapproach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technologycode-of-practice/technology
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: G Cloud 13 Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assetsrisk-
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection/collection/risk-sensitivemanagement-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance:collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technologycode-of-practice/technology
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: G Cloud 13 Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance:
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technology-code-of practice/technology-code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance:
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technology-code-of- practice/technology-code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The Buyer acknowledges and accepts Data storage and Buyer Data Processing will be conducted at a subcontracted data centre in the UK. Support (where required) shall be provided from locations in the USA and Israel.
13.11 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework security- policyframework and the Government Security Classification policy:: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇ tyclassifications
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach adopt- riskmanagementapproach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive/protectionsensitive-information-and-and- assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/riskmanagement-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technologycode- ofpractice/technology -code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principlescloud- securityprinciples
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach managementapproach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technologycode-of-practice/technology -code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will promptly notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
: 13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-/protection sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technology-code-of practice/technology-code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-security principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary necessary, to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance:
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technology-code-of- practice/technology-code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance:
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint:
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: G Cloud 12 Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:: https:/▇▇▇.▇▇▇.▇▇/▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇▇▇/▇▇▇▇▇▇▇▇▇▇-▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇▇
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive/sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technologycode-of-practice/technology - code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance:
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technology-code-of-practice/ technology-code-of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security - Classification policy:
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach riskmanagementapproach and Protection of Sensitive Information and Assets: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive/sensitive-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/collection/risk-management-collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/technologycode-of-practice/technology code- of-practice
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer Buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 the principles in the Security Policy Framework: ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policy:
13.6.2 guidance issued by the Centre for Protection of National Infrastructure on Risk Management: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection of Sensitive Information and Assets:
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection/collection/risk-sensitivemanagement-information-and-assets
13.6.3 the National Cyber Security Centre’s (NCSC) information risk management guidance:collection
13.6.4 government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint:
13.6.5 the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 13.1 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 13.2 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 13.3 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies policy and all Buyer requirements in the Order Form.
13.5 13.4 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 13.5 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 : • the principles in the Security Policy Framework: Framework at ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policypolicy at ▇▇▇▇▇:
13.6.2 //▇▇▇.▇▇▇.▇▇/government/publications/government-security- classifications • guidance issued by the Centre for Protection of National Infrastructure on Risk Management: Management at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-management- approach and Protection Accreditation of Sensitive Information and Assets: Systems at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 assets • the National Cyber Security Centre’s (NCSC) information risk management guidance, available at ▇▇▇▇▇:
13.6.4 //▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/risk-management- collection • government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint, available at ▇▇▇▇▇:
13.6.5 //▇▇▇.▇▇▇.▇▇/government/publications/technology-code-of- practice/technology-code-of-practice • the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: guidance at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 13.6 The Buyer will specify any security requirements for this project in the Order Form.
13.8 13.7 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 13.8 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.
13.10 13.9 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: G Cloud 10 Call Off Contract
Buyer Data. 13.1 The Supplier must not remove any proprietary notices in the Buyer Data.
13.2 The Supplier will not store or use Buyer Data except if necessary to fulfil its obligations.
13.3 If Buyer Data is processed by the Supplier, the Supplier will supply the data to the Buyer as requested.
13.4 The Supplier must ensure that any Supplier system that holds any Buyer Data is a secure system that complies with the Supplier’s and Buyer’s security policies policy and all Buyer requirements in the Order Form.
13.5 The Supplier will preserve the integrity of Buyer Data processed by the Supplier and prevent its corruption and loss.
13.6 The Supplier will ensure that any Supplier system which holds any protectively marked Buyer Data or other government data will comply with:
13.6.1 : ● the principles in the Security Policy Framework: Framework at ▇▇▇▇▇://▇▇▇.▇▇▇.▇▇/government/publications/security-policy-framework and the Government Security Classification policypolicy at ▇▇▇▇▇:
13.6.2 //▇▇▇.▇▇▇.▇▇/government/publications/government-security-classifications ● guidance issued by the Centre for Protection of National Infrastructure on Risk Management: Management at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/content/adopt-risk-management-approach and Protection Accreditation of Sensitive Information and Assets: Systems at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/protection-sensitive-information-and-assets
13.6.3 assets ● the National Cyber Security Centre’s (NCSC) information risk management guidance, available at ▇▇▇▇▇:
13.6.4 //▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/risk-management-collection ● government best practice in the design and implementation of system components, including network principles, security design principles for digital services and the secure email blueprint, available at ▇▇▇▇▇:
13.6.5 //▇▇▇.▇▇▇.▇▇/government/publications/technology-code-of-practice/technology-code-of-practice ● the security requirements of cloud services using the NCSC Cloud Security Principles and accompanying guidance: guidance at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/implementing-cloud-security-principles
13.6.6 buyer requirements in respect of AI ethical standards.
13.7 The Buyer will specify any security requirements for this project in the Order Form.
13.8 If the Supplier suspects that the Buyer Data has or may become corrupted, lost, breached or significantly degraded in any way for any reason, then the Supplier will notify the Buyer immediately and will (at its own cost if corruption, loss, breach or degradation of the Buyer Data was caused by the action or omission of the Supplier) comply with any remedial action reasonably proposed by the Buyer.
13.9 The Supplier agrees to use the appropriate organisational, operational and technological processes to keep the Buyer Data safe from unauthorised use or access, loss, destruction, theft or disclosure.. DRAFT
13.10 The provisions of this clause 13 will apply during the term of this Call-Off Contract and for as long as the Supplier holds the Buyer’s Data.
Appears in 1 contract
Sources: Call Off Contract