CMS INFORMATION SECURITY PROGRAM Sample Clauses

CMS INFORMATION SECURITY PROGRAM. The CMS IS Program helps CMS accomplish its mission by ensuring the CIA of CMS information resources. The CMS IS Program has developed policies, standards, procedures, and guidelines that ensure the adequate protection of agency information and comply with federal laws and regulations. CMS monitors the security of its network twenty-four (24) hours a day, seven (7) days a week (i.e., 24/7) through various management, operational, and technical processes. Training initiatives are continuously updated to ensure that managers, users, and technical personnel are aware that they are responsible for the adequate security of their information systems.
Sample 1Sample 2See All (4)
AutoNDA by SimpleDocs

Related to CMS INFORMATION SECURITY PROGRAM

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.

  • Personal Information security breach Supplier/Service Provider’s Obligations

  • Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC Xxxxx Cyber-safety Policy, UC Xxxxx Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC Xxxxx computing systems and electronic data.

  • Contractor Information The Contractor will provide up to date information for each of the following in the form and manner specified by OGS:

  • Security Program Contractor will develop and implement an effective security program for the Project Site, which program shall require the Contractor and subcontractors to take measures for the protection of their tools, materials, equipment, and structures. As between Contractor and Owner, Contractor shall be solely responsible for security against theft of and damage of all tools and equipment of every kind and nature and used in connection with the Work, regardless of by whom owned.

  • Information Security Requirements In cases where the State is not permitted to manage/modify the automation equipment (server/computer/other) that controls testing or monitoring devices, the Contractor agrees to update and provide patches for the automation equipment and any installed operating systems or applications on a quarterly basis (at minimum). The Contractor will submit a report to the State of updates installed within 30 days of the installation as well as a Plan of Actions and Milestones (POA&M) to remediate any vulnerabilities ranging from Critical to Low. The contractor will provide an upgrade path or compensatory security controls for any operating systems and applications listed as beyond “end-of-life” or EOL, within 90 days of the EOL and complete the EOL system’s upgrade within 90 days of the approved plan.

  • Verizon OSS Information 8.5.1 Subject to the provisions of this Section 8, in accordance with, but only to the extent required by, Applicable Law, Verizon grants to CBB a non-exclusive license to use Verizon OSS Information.

  • Contractor Sensitive Information 17.1 The Authority must:

  • Use of De-identified information De-identified information may be used by the Contractor for the purposes of development, research, and improvement of educational sites, services, or applications, as any other member of the public or party would be able to use de-identified data pursuant to 34 CFR 99.31(b). Contractor agrees not to attempt to re-identify de-identified Student Data.

  • Vendor Information Vendor understands that as part of Hinsdale Central School District’s obligations under New York Education Law Section 2-d, Vendor is responsible for providing Hinsdale Central School District with Vendor information (see Vendor Information for Data Privacy and Security) to include:

Time is Money Join Law Insider Premium to draft better contracts faster.