Deviations from IBM Data Security and Privacy Principles. The security testing and vulnerability assessments as described in Section 9.a(2) of the IBM Data Security and Privacy Principles at ▇▇▇▇://▇▇▇.▇▇▇.▇▇▇/cloud/data-security are not performed before every production release but upon each significant change and in no event less than annually. The vulnerability scanning as described in Section 9.a(4) of the IBM Data Security and Privacy Principles at ▇▇▇▇://▇▇▇.▇▇▇.▇▇▇/cloud/data-security is not fully automated but rather some vulnerability scans are performed manually.
Appears in 2 contracts