Information Systems Acquisition Development and Maintenance Sample Clauses

Information Systems Acquisition Development and Maintenance a. Client Data – Client Data will only be used by State Street for the purposes specified in this Agreement.

Information Systems Acquisition Development and Maintenance. Security of System Files. To protect City Information Processing Systems and system files containing information, Service Provider will ensure that access to source code is restricted to authorized users whose specific job function necessitates such access.

Information Systems Acquisition Development and Maintenance. Contractor shall utilize a comprehensive application security program to help ensure that external high-risk applications are consistent with industry security requirements. This should include full application compliance testing and software development reviews.

Information Systems Acquisition Development and Maintenance. ● Product features are managed through a formalized product management process. Security requirements are discussed and formulated during scoping and design discussions. ● XxxXxxx maintains a QA Department dedicated to reviewing and testing application functionality and stability. ● Application source code is stored in a central repository. Access to source code is limited to authorized individuals. ● Changes to MaxMind software are tested before production deployment. Deployment processes include unit testing at the source environment, as well as integration and functional testing within a test environment prior to implementation in production.

Information Systems Acquisition Development and Maintenance. 8.1. The Manufacturer must implement appropriate procedures to validate input data and to detect data corruption. 8.2. The Manufacturer must implement and update baseline security configurations for its Information Systems in accordance with industry best practices. 8.3. The Manufacturer must maintain written documentation of its ownership of all software licenses, master disks and manuals used to support the Services. The Manufacturer must take all commercially reasonable steps to ensure that all software used to support the Services is kept up to date (at least N-1) and is supported by the software vendor. 8.4. The Manufacturer must ensure that no Altria Data containing Highly Confidential, Personal Information or Ultra Trade Secret Information is stored in a non-production environment.

Information Systems Acquisition Development and Maintenance. ‌ The Bourse will: (i) evaluate new equipment for known vulnerabilities prior to installation if such new equipment is used directly or indirectly in the performance of LOPR; (ii) secure the new equipment at installation time by changing default support passwords, disabling or removing any unused services, and applying any applicable security patches; comply with defined security controls, testing and backup required for any Bourse- developed support tools to be run in the AP’s environment;‌ (iii) maintain all code related to support tools developed for the AP only within the AP’s environment and only following the industry best practices; (iv) employ industry best practices for secure code development when developing code on the AP’s behalf, which is to include a code review for security vulnerabilities when developing code on the AP’s behalf; (v) successfully test all system changes before implementation, with all software testing provided for use with outsourcing arrangement will be fully tested to an agreed standard;‌ (vi) manage software tests within a structured testing regime which includes as a minimum: functional testing, integration testing, security testing, performance testing, acceptance testing, independent testing, and regression testing of system software version compatibility; (vii) maintain procedures to ensure the proper certification and acceptance of products after testing and such software certification will include as a minimum: customer acceptance, design authority acceptance, test certification, and customer handover procedures; (viii) demonstrate that its testing regime is able to adequately manage test data; and (ix) not use Confidential Information for testing purposes.

Information Systems Acquisition Development and Maintenance. As shown in the above Data Access and Storage matrix, AvePoint employees do not have access to Customer Data. If applicable (e.g. for AvePoint’s Cloud Backup product), Customer Data will be processed by the AvePoint application solely for the purposes specified in each applicable agreement with a customer. Additionally, the following shall apply: • No customer production data is used for any other purpose (e.g., QA testing, development testing, User Acceptance Test areas (UAT), training, demonstration, etc.). • The production environment is a separate environment from any other non- production environment (e.g., development, UAT, etc.).

Information Systems Acquisition Development and Maintenance. 12.1. Input Data Validation. Supplier shall apply checks to the input of business transactions, standing data, parameter tables and Buyer’s data into applications and databases when system development is being performed to ensure that data is correct and appropriate.

Information Systems Acquisition Development and Maintenance. 9.1 NOT USED 9.2 The Contractor shall perform monitoring, security information and event correlation of: 9.2.1 the Service Audit Trails and Security Audit Trails; 9.2.2 Security Logs from all devices used in connection with the provision of the Services; and

Information Systems Acquisition Development and Maintenance. (a) Fund Data – Fund Data shall only be used by State Street for the purposes specified in the Existing Agreement.