Information Technology and Security Clause Samples

Information Technology and Security. The employee is required to have the appropriate technology and security measures in place to perform the work that is outlined in their position description. In addition, the employee must have access to the College email system and any College systems and applications necessary to perform their tasks and duties. For systems that require virtual private network (VPN) access, the employee may request a VPN account through the OIT Work From Home Tools website. Note the VPN user agreement terms apply, i.e., safeguard data, your MyMC username and password. • The employee and their supervisor shall determine the minimum equipment and software necessary to telecommute. In determining which equipment (if any) shall be provided by the College, the employee’s supervisor may consult with the College’s IT department regarding needs. • The employee will implement sound information security practices by completing the required DataSecurity@MC training modules prior to commencing telework and pay extra attention to the Working Remotely and Cloud Services modules within Workday MC Learns. • The employee will immediately call in any security concerns or incidents to 240-567- 7222. • When working from their approved alternate (remote) work location the employee will adhere to all College policies, procedures and guidelines which are expressly incorporated by reference into, and made a part of, this Agreement. Specific policies related to the use of information technology and data security include:

Information Technology and Security. The employee and their supervisor shall determine the minimum equipment and software necessary for remote work. In determining which equipment (if any) shall be provided by the College, the employee’s supervisor may consult with the College’s IT department as to the appropriateness and availability. Any equipment provided by the College must be properly inventoried. This Agreement must be kept updated if equipment is returned or if new equipment is assigned. The employee must return any College property upon request. • The employee will adhere to all College policies and procedures, including those related to the use of information technology and data security. The employee will implement sound information security practices at their MWS, and will immediately confer with their supervisor should any security matters arise. • The employee is required to have the appropriate technology and security measures in place to perform the work as outlined in the flexible work arrangement agreement. In addition, the employee must have access to the College e-mail system and any College systems and applications necessary to perform the employee’s job responsibilities.

Information Technology and Security. (a) If applicable, the University acknowledges that, in connection with the services being provided hereunder, the Tenant may need to operate certain information technology systems, including, but not limited to, point-of-sale devices, e-commerce solutions, and computer hardware and software services and applications (collectively, “Non-University Systems”). The University further acknowledges that the Non-University Systems may need to interface with or connect to the University’s networks and information technology systems (collectively, “University Systems”). The University shall be solely responsible for all University Systems, and the Tenant shall be responsible for all non-University Systems, including taking reasonable security and privacy precautions including, but not limited to, network firewall protections, anti-virus software, and the ability to maintain regular patching levels of mission-critical software. (b) Nothing herein shall be construed by Tenant that University is or intends to be an Internet Service Provider as defined under applicable law. (c) ▇▇▇▇▇▇ agrees that it shall comply with all rules regulations, and procedures implemented by the University for the protection and security of its information technology systems and networks.

Information Technology and Security. (a) Each Exchange shall provide OCC with the current name(s) and contact information for Exchange employee(s) who shall have the requisite expertise and authority (each an “Exchange Designated Contact”) to assist OCC in the resolution of operational, technology and information security matters related to the provision of services to such Exchange under this Agreement. The Exchange shall make an Exchange Designated Contact available during Exchange trading hours and applicable OCC processing times (e.g., evening and expiration processing, etc.) as communicated by OCC from time to time. (b) OCC shall provide each Exchange with the current name(s) and contact information for OCC’s employee(s) who shall have the requisite expertise and authority (each an “OCC Designated Contact”) to assist each Exchange in the resolution of operational, technology and information security matters related to the provision of services to such Exchange under this Agreement. OCC shall make an OCC Designated Contact available during Exchange trading hours and applicable OCC processing times (e.g., evening and expiration processing, etc.) as communicated to each Exchange from time to time. (c) Each Exchange shall promptly notify OCC and provide ongoing updates of an incident related to the Exchange that could reasonably be expected to affect OCC’s ability to perform the services for such Exchange outlined in this Agreement. Exchange agrees to provide OCC information relating to the incident upon OCC’s reasonable request. (d) OCC shall promptly notify each Exchange and provide ongoing updates of an incident related to OCC that could reasonably be expected to affect the Exchange’s ability to receive the services for such Exchange outlined in this Agreement. OCC agrees to provide each Exchange information relating to the incident upon an Exchange’s reasonable request. (e) OCC and each Exchange agree to take reasonable steps to comply with applicable cybersecurity regulations, including Regulation Systems Compliance and Integrity (“Regulation SCI”), and to promptly contain and remedy any incident arising under subsection 19(c) and 19(d) in accordance with applicable law. (f) Cyber-Related Incidents. Upon notification by an Exchange pursuant to paragraph (c) of this Section 19 of an incident involving a cyber-related disruption or intrusion of the Exchange, including but not limited to any “systems intrusion”, “systems disruption” or “systems compliance issue” regarding an “SCI system” o...

Information Technology and Security. The employee and their supervisor shall determine the minimum equipment and software necessary to telecommute. In determining which equipment (if any) shall be provided by the College, the employee’s supervisor may consult with the College’s IT department regarding needs. • The employee will adhere to all College policies and procedures, including those related to the use of information technology and data security. The employee will implement sound information security practices at their AWL, and will immediately confer with their supervisor should any security matters arise. • The employee is required to have the appropriate technology and security measures in place to perform the work as outlined in the flexible work arrangement agreement. In addition, the employee must have access to the College e-mail system and any College systems and applications necessary to perform the employees job responsibilities.

Information Technology and Security