Common use of ISMS Clause in Contracts

ISMS. The Supplier shall develop and submit to the Contracting Authority for the Contracting Authority’s Approval, within twenty (20) working days after the Call Off Commencement Date or such other date as agreed between the Parties, an information security management system for the purposes of this Call Off Contract, which shall comply with the requirements of paragraphs 88.3 to 88.5 of this Call Off Schedule 7 (Security). The Supplier acknowledges that the Contracting Authority places great emphasis on the reliability of the performance of the Services, confidentiality, integrity and availability of information and consequently on the security provided by the ISMS and that the Supplier shall be responsible for the effective performance of the ISMS. The ISMS shall: unless otherwise specified by the Contracting Authority in writing, be developed to protect all aspects of the Services and all processes associated with the provision of the Services, including the Contracting Authority Premises, the Sites, any ICT, information and data (including the Contracting Authority’s Confidential Information and the Contracting Authority Data) to the extent used by the Contracting Authority or the Supplier in connection with this Call Off Contract; meet the relevant standards in ISO/IEC 27001 and ISO/IEC27002 in accordance with Paragraph 92;and at all times provide a level of security which: is in accordance with the Law and this Call Off Contract;

ISMS. The Supplier shall develop and submit to the Contracting Authority for the Contracting Authority’s Approval, within twenty (20) working days after the Call Off Commencement Date or such other date as agreed between the Parties, an information security management system for the purposes of this Call Off Contract, which shall comply with the requirements of paragraphs 88.3 3.3 to 88.5 3.5 of this Call Off Schedule 7 (Security). The Supplier acknowledges that the Contracting Authority places great emphasis on the reliability of the performance of the Services, confidentiality, integrity and availability of information and consequently on the security provided by the ISMS and that the Supplier shall be responsible for the effective performance of the ISMS. The ISMS shall: unless otherwise specified by the Contracting Authority in writing, be developed to protect all aspects of the Services and all processes associated with the provision of the Services, including the Contracting Authority Premises, the Sites, any ICT, information and data (including the Contracting Authority’s Confidential Information and the Contracting Authority Data) to the extent used by the Contracting Authority or the Supplier in connection with this Call Off Contract; meet the relevant standards in ISO/IEC 27001 and ISO/IEC27002 in accordance with Paragraph 92;and 7;and at all times provide a level of security which: is in accordance with the Law and this Call Off Contract;