Ongoing Security Testing. Vendor will periodically test its systems for potential areas where security could be breached. During the term, to the extent Vendor engages a Third Party auditor to perform an SSAE 16 of Vendor’s operations, information security program, and/or disaster recovery/business continuity plan, Vendor shall promptly furnish a copy of the test report or audit report to OCIO or its Authorized Contractors. In addition, Vendor shall disclose its non- proprietary security processes and technical limitations to OCIO or its Authorized Contractors to enable OCIO to identify compensating controls necessary to adequately safeguard and protect Customer Data, or to otherwise assist OCIO or any other Governmental Entity in complying with any laws, rules, regulations, orders, or corresponding audits. For example, Vendor shall disclose its security processes with respect to virus checking and port sniffing to OCIO.
Appears in 1 contract
Sources: Security Terms
Ongoing Security Testing. Vendor will periodically test its systems for potential areas where security could be breached. During the term, to the extent Vendor engages a Third Party auditor to perform an SSAE 16 18 of Vendor’s operations, information security program, and/or disaster recovery/business continuity plan, Vendor shall promptly furnish a copy of the test report or audit report to OCIO or its Authorized Contractors. In addition, Vendor shall disclose its non- proprietary security processes and technical limitations to OCIO or its Authorized Contractors to enable OCIO to identify compensating controls necessary to adequately safeguard and protect Customer Data, or to otherwise assist OCIO or any other Governmental Entity in complying with any laws, rules, regulations, orders, or corresponding audits. For example, Vendor shall disclose its security processes with respect to virus checking and port sniffing to OCIO. All such disclosures to OCIO will be treated as confidential information and not released to public review except as required by law.
Appears in 1 contract