COMPETENT SUPERVISORY AUTHORITY Identify the competent supervisory authority/ies in accordance with Clause 13 … ANNEX II - TECHNICAL AND ORGANISATIONAL MEASURES INCLUDING TECHNICAL AND ORGANISATIONAL MEASURES TO ENSURE THE SECURITY OF THE DATA EXPLANATORY NOTE: The technical and organisational measures must be described in specific (and not generic) terms. See also the general comment on the first page of the Appendix, in particular on the need to clearly indicate which measures apply to each transfer/set of transfers. Description of the technical and organisational measures implemented by the data importer(s) (including any relevant certifications) to ensure an appropriate level of security, taking into account the nature, scope, context and purpose of the processing, and the risks for the rights and freedoms of natural persons. [Examples of possible measures: • Measures of pseudonymisation and encryption of personal data • Measures for ensuring ongoing confidentiality, integrity, availability and resilience of processing systems and services • Measures for ensuring the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident • Processes for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures in order to ensure the security of the processing • Measures for user identification and authorisation • Measures for the protection of data during transmission • Measures for the protection of data during storage • Measures for ensuring physical security of locations at which personal data are processed • Measures for ensuring events logging • Measures for ensuring system configuration, including default configuration • Measures for internal IT and IT security governance and management • Measures for certification/assurance of processes and products • Measures for ensuring data minimisation • Measures for ensuring data quality • Measures for ensuring limited data retention • Measures for ensuring accountability • Measures for allowing data portability and ensuring erasure]
Arbitrator's Jurisdiction The jurisdiction and authority of the arbitrator and his opinion and award shall be confined exclusively to the interpretation and/or application of the provision(s) of this Agreement at issue between the Union and the Administration. The arbitrator shall have no authority to add to, detract from, alter, amend, or modify any provision of this Agreement; to impose on either party a limitation or obligation not explicitly provided for in this Agreement; or to establish or alter any wage rate or wage structure. The arbitrator shall not hear or decide more than one grievance without the mutual consent of the Administration and the Union. The written award of the arbitrator on the merits of any grievance adjudicated within his jurisdiction and authority shall be final and binding on the aggrieved employee, the Union and the Administration, unless either party contests it before a court of competent jurisdiction as permitted by state law.
Arbitrator Authority The arbitrator shall have the sole and exclusive authority to determine whether a dispute, claim or cause of action is subject to arbitration under this Section and to determine any procedural questions which grow out of such disputes, claims or causes of action and bear on their final disposition.
Appeals a. Should the filer be dissatisfied with the Formal Dispute determination, a written appeal may be filed with the Chief Procurement Officer, by mail or email, using the following contact information: Chief Procurement Officer Procurement Services A Division of the Office of General Services 00xx Xxxxx, Xxxxxxx Xxxxx Xxxxxx Xxxxx Xxxxx Xxxxxx, XX 00000 Email: xxxxxxxx.xxxxxxxx@xxx.xx.xxx Subject line: Appeal – Attn: Chief Procurement Officer
