Security Awareness Training 1. The Contractor’s employees, Subcontractors/Vendors, and volunteers handling confidential, sensitive and/or personal identifying information must complete the required CDA Security Awareness Training module located at xxxxx://xxx.xxxxx.xx.xxx/ProgramsProviders/#Resources within thirty (30) days of the start date of the Contract/Agreement, within thirty (30) days of the start date of any new employee, Subcontractor, Vendor or volunteer’s employment and annually thereafter.
Drug-Free Awareness Program Establish, as required by California Government Code Section 8355(a)(2), a Drug-Free Awareness Program which informs employees about:
Security Awareness and Training We have implemented and maintain an information security and awareness program that is delivered to employees and appropriate contractors at the time of hire or contract commencement and annually thereafter. The awareness program is delivered electronically and includes a testing aspect with minimum requirements to pass. Additionally, development staff members are provided with secure code development training.
Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.
Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC Xxxxx Cyber-safety Policy, UC Xxxxx Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC Xxxxx computing systems and electronic data.
Personal Information security breach Supplier/Service Provider’s Obligations
Trade Secrets, Commercial and Financial Information It is expressly understood that Mississippi law requires that the provisions of this contract which contain the commodities purchased or the personal or professional services provided, the price to be paid, and the term of the contract shall not be deemed to be a trade secret or confidential commercial or financial information and shall be available for examination, copying, or reproduction.
Wellness Program Nothing in this Agreement shall prevent a department or agency from recommending experimental “fitness” type programs and reward programs involving wellness promotion activities. Any such activities shall be funded from the department’s separate appropriation, after review by the Benefits Advisory Committee and approval by the Secretary of Administration, or designee.
Information Security Requirements In cases where the State is not permitted to manage/modify the automation equipment (server/computer/other) that controls testing or monitoring devices, the Contractor agrees to update and provide patches for the automation equipment and any installed operating systems or applications on a quarterly basis (at minimum). The Contractor will submit a report to the State of updates installed within 30 days of the installation as well as a Plan of Actions and Milestones (POA&M) to remediate any vulnerabilities ranging from Critical to Low. The contractor will provide an upgrade path or compensatory security controls for any operating systems and applications listed as beyond “end-of-life” or EOL, within 90 days of the EOL and complete the EOL system’s upgrade within 90 days of the approved plan.
Physical Fitness Program 42.1 The Joint Labor/Management Physical Fitness Committee consisting of four (4) members, two (2) appointed by the Chief of Department and two (2) appointed by the Union shall develop a physical fitness program for the Department to maintain and improve the health and fitness of members and reduce injuries. The employees appointed by the Union shall receive reasonable time off without loss of compensation or other benefits for the purpose of participating in meetings of the Joint Labor/Management Physical Fitness Committee.
