Information Security Review Sample Clauses

Information Security Review. Xxxxxx’x reserves the right to perform information security reviews on any systems or applications used by Supplier to provide services to Xxxxxx’x. The security reviews can include physical inspection, external scan, code review, process reviews, and reviews of system configurations(“Security Reviews”). The Security Reviews shall be conducted at Xxxxxx’x discretion, by Xxxxxx’x or its designee (who shall be a reputable security firm), and at Xxxxxx’x expense unless provided otherwise. Supplier shall grant permission to Xxxxxx’x to perform the Security Reviews. Xxxxxx’x actions or results from any Security Reviews shall be the sole property of Xxxxxx’x and may not be utilized or relied on by Supplier in any way, except as set forth by Xxxxxx’x in performance of services hereunder. Should any Security Review result in the discovery of material security risks to the network used by Supplier to perform services for Xxxxxx’x, Supplier shall be solely responsible for the cost of the Security Reviews. Xxxxxx’x shall immediately notify Supplier of such risks and Supplier shall respond to Xxxxxx’x in writing within three days with Supplier’s plan to take reasonable measures to promptly correct, repair, modify the said network or application to effectively eliminate the risk at no cost to Xxxxxx’x.
Sample 1Sample 2Sample 3See All (4)
AutoNDA by SimpleDocs
Information Security Review. (a) The information security reviews (Reviews) may include physical inspection, external scan, internal scan, code review, process reviews (both business and technical), reviews of system configurations, and intrusion testing. To the extent software is required for a Review, off the shelf software will be used.‌
Sample 1
Information Security Review. During the Term, Triad and/or the Eligible Recipients may perform information security reviews on any Systems, Equipment, Software, network(s) or facilities used by Supplier to provide the Services hereunder (“Reviews”). The Reviews may include physical inspection, external scan, internal scan, code review, process reviews and reviews of system configurations. The Reviews may be conducted, at Triad’s discretion and at Triad’s or the Eligible Recipient’s expense, by Triad, an Eligible Recipient or their designee(s). The Parties shall mutually agree upon the scope and methodology of such Reviews; provided, Supplier shall not unreasonably withhold or delay its agreement to such scope and methodology. Supplier hereby grants permission to Triad to perform the Reviews per the agreed upon scope and methodology; provided, however, any such Review shall be conducted by Triad or its external auditors or (as the Parties reasonably agree) other designees, as applicable, in compliance with the provisions of Sections 9.10(e) as if such Review were an audit subject to such Section. To the fullest extent permitted by Law, Supplier hereby waives the benefit of any state or federal law which may provide a cause of action against Triad or the Eligible Recipients based upon Reviews permitted under this Section and conducted pursuant to the agreed upon scope and methodology. Should any Review result in the discovery of material security risks to the Systems, Equipment, Software, network(s) or facilities used by Supplier to provide the Services hereunder, Triad shall promptly notify Supplier of such risks, and Supplier shall respond to Triad in writing within three (3) days with Supplier’s plan to take reasonable measures to promptly correct, repair, or modify the applicable System, Equipment, Software, network or facility to effectively eliminate such risks, subject to Section 9.6. Upon approval by Triad, Supplier shall implement such plan as quickly as practicable.
Sample 1
Information Security Review. So long as Customer operates in a dedicated environment and network, Customer reserves the right to perform periodic information security reviews on any dedicated environment, applications and/or facilities used by Vendor to provide Services to Customer hereunder (Reviews) such right being contingent upon Customer providing Vendor with written notice of each such Review and a description of all tests to be conducted during such Review at least five (5) days prior to the occurrence of each such Review. The Reviews shall include, but not be limited to, physical inspection, external scan, internal scan, code review, process reviews and reviews of system configurations. The Reviews shall be conducted in Customer’s discretion, by Customer or its designee (who will be a nationally known security firm), and at Customer’s expense in accordance with and based upon SAS 70 Type II requirements and standards. Vendor hereby grants permission to Customer to perform the Reviews. To the fullest extent permitted by law, Vendor hereby waives the benefit of any state or Federal law which may provide a cause of action against Customer based on actions permitted under this Section. Should any Review result in the discovery of material security risks under SAS 70 Type II standards to (a) the network used by Vendor to perform Services for Customer (excluding Customer’s network), (b) the application used by Vendor to perform Services for Customer, or (c) any Vendor Service Center used by Vendor to perform services for Customer, Customer shall immediately notify Vendor of such risks and Vendor shall respond to Customer in writing within three (3) days with Vendor’s plan to promptly correct, repair or modify the said network or application or facility to effectively eliminate the risk (each a Remediation Plan). Any such Remediation Plan shall call for the security risk to be corrected, repaired or modified, as applicable, in accordance with SAS 70 Type II standards, within thirty (30) days. Should Vendor fail to remedy any identified security risk within the time frame agreed upon by the parties, and in any event within thirty (30) days, Customer may withhold payment of all Fees. Customer must pay Fees withheld upon remediation of the identified risk with no accumulated interest. Should Customer identify any material security risk other than those under SAS 70 Type II standards, Vendor’s Remediation Plan shall call for Vendor to use commercially reasonable best efforts to correct, ...
Sample 1

Related to Information Security Review

  • Information Security IET information security management practices, policies and regulatory compliance requirements are aimed at assuring the confidentiality, integrity and availability of Customer information. The UC Xxxxx Cyber-safety Policy, UC Xxxxx Security Standards Policy (PPM Section 310-22), is adopted by the campus and IET to define the responsibilities and key practices for assuring the security of UC Xxxxx computing systems and electronic data.

  • Information Security Program (1) DTI shall implement and maintain a comprehensive written information security program applicable to the Personal Information ("Information Security Program") which shall include commercially reasonable measures, including, as appropriate, policies and procedures and technical, physical, and administrative safeguards that are consistent with industry standards, providing for (i) the security and confidentiality of the Personal Information, (ii) protection of the Personal Information against reasonably foreseeable threats or hazards to the security or integrity of the Personal Information, (iii) protection against unauthorized access to or use of or loss or theft of the Personal Information, and (iv) appropriate disposal of the Personal Information. Without limiting the generality of the foregoing, the Information Security Program shall provide for (i) continual assessment and re-assessment of the risks to the security of Personal Information acquired or maintained by DTI and its agents, contractors and subcontractors in connection with the Services, including but not limited to (A) identification of internal and external threats that could result in unauthorized disclosure, alteration or destruction of Personal Information and systems used by DTI and its agents, contractors and subcontractors, (B) assessment of the likelihood and potential damage of such threats, taking into account the sensitivity of such Personal Information, and (C) assessment of the sufficiency of policies, procedures, information systems of DTI and its agents, contractors and subcontractors, and other arrangements in place, to control risks; and (ii) appropriate protection against such risks.

  • Due Diligence Review; Information The Company shall make available, during normal business hours, for inspection and review by the Investors, advisors to and representatives of the Investors (who may or may not be affiliated with the Investors and who are reasonably acceptable to the Company), all financial and other records, all SEC Filings (as defined in the Purchase Agreement) and other filings with the SEC, and all other corporate documents and properties of the Company as may be reasonably necessary for the purpose of such review, and cause the Company’s officers, directors and employees, within a reasonable time period, to supply all such information reasonably requested by the Investors or any such representative, advisor or underwriter in connection with such Registration Statement (including, without limitation, in response to all questions and other inquiries reasonably made or submitted by any of them), prior to and from time to time after the filing and effectiveness of the Registration Statement for the sole purpose of enabling the Investors and such representatives, advisors and underwriters and their respective accountants and attorneys to conduct initial and ongoing due diligence with respect to the Company and the accuracy of such Registration Statement. The Company shall not disclose material nonpublic information to the Investors, or to advisors to or representatives of the Investors, unless prior to disclosure of such information the Company identifies such information as being material nonpublic information and provides the Investors, such advisors and representatives with the opportunity to accept or refuse to accept such material nonpublic information for review and any Investor wishing to obtain such information enters into an appropriate confidentiality agreement with the Company with respect thereto.

  • Access to Information; Independent Investigation Prior to the execution of this Agreement, the Subscriber has had the opportunity to ask questions of and receive answers from representatives of the Company concerning an investment in the Company, as well as the finances, operations, business and prospects of the Company, and the opportunity to obtain additional information to verify the accuracy of all information so obtained. In determining whether to make this investment, Subscriber has relied solely on Subscriber’s own knowledge and understanding of the Company and its business based upon Subscriber’s own due diligence investigation and the information furnished pursuant to this paragraph. Subscriber understands that no person has been authorized to give any information or to make any representations which were not furnished pursuant to this Section 2 and Subscriber has not relied on any other representations or information in making its investment decision, whether written or oral, relating to the Company, its operations and/or its prospects.

  • Information/Cooperation Executive shall, upon reasonable notice, furnish such information and assistance to the Bank as may be reasonably required by the Bank, in connection with any litigation in which it or any of its subsidiaries or affiliates is, or may become, a party; provided, however, that Executive shall not be required to provide information or assistance with respect to any litigation between Executive and the Bank or any other subsidiaries or affiliates.

  • Purchaser Information Each Purchaser covenants that it will promptly notify the Company of any changes in the information set forth in the Registration Statement regarding such Purchaser or such Purchaser's "Plan of Distribution."

  • Due Diligence Investigation Pubco shall be reasonably satisfied with the results of its due diligence investigation of the Company in its sole and absolute discretion.

  • Examination of Mortgage Loan Files and Due Diligence Review The Mortgage Loan Seller shall reasonably cooperate with any examination of the Mortgage Files for, and any other documents and records relating to, the Mortgage Loans, that may be undertaken by or on behalf of the Purchaser on or before the Closing Date. The fact that the Purchaser has conducted or has failed to conduct any partial or complete examination of any of the Mortgage Files for, and/or any of such other documents and records relating to, the Mortgage Loans, shall not affect the Purchaser’s right to pursue any remedy available in equity or at law for a breach of the Mortgage Loan Seller’s representations and warranties made pursuant to Section 4, except as expressly set forth in Section 5.

  • Information Package On each Reporting Date the Master Servicer shall deliver to the Administrative Agent and each Purchaser Agent, on behalf of such Purchaser Agent’s Purchaser Group, the relevant Information Package.

Time is Money Join Law Insider Premium to draft better contracts faster.