Common use of Security Certification Clause in Contracts

Security Certification. Contractor shall obtain and maintain ISO 27001 and/or 27002 certification and appropriate SOC 2 Type 2 audits during the term of this Agreement Upon request by city, Contractor shall also provide City annually a copy of its most recent/up-to date ISO certifications and SOC-2 statement. City will utilize a commercially available security scoring solution to regularly evaluate the externally accessible security posture of Contractor. If the security evaluation solution identifies Contractor’s security has reduced to an unacceptable level, then City will notify Contractor immediately. Contractor will have 30 days to review and resolve the security issue, or identify compensating controls that have been implemented.

Security Certification. Contractor shall obtain and maintain ISO 27001 and/or 27002 certification and appropriate SOC 2 Type 2 audits during the term of this Agreement Upon request by city, Contractor shall also provide City annually a copy of its most recent/up-to to-date ISO certifications and SOC-2 statement. City will utilize a commercially available security scoring solution to regularly evaluate the externally accessible security posture of the Contractor. If the security evaluation solution identifies Contractor’s security has reduced to an unacceptable level, then City will notify Contractor immediately. The Contractor will have 30 days to review and resolve the security issue, or identify compensating controls that have been implemented.

Security Certification. Contractor shall obtain and maintain ISO 27001 and/or 27002 certification and appropriate SOC 2 Type 2 audits during the term of this Agreement Upon request by city, Contractor shall also provide City annually a copy of its most recent/up-to date ISO certifications and SOC-2 statement. City will utilize a commercially available security scoring solution to regularly evaluate the externally accessible security posture of the Contractor. If the security evaluation solution identifies Contractor’s security has reduced to an unacceptable level, then City will notify Contractor immediately. Contractor will have 30 days to review and resolve the security issue, or identify compensating controls that have been implemented.

Security Certification. Contractor shall obtain and maintain ISO 27001 and/or 27002 certification and appropriate SOC 2 Type 2 audits during the term of this Agreement Upon request by cityCity, Contractor shall also provide City annually a copy of its most recent/up-to date ISO certifications and SOC-2 statement. City will utilize a commercially available security scoring solution to regularly evaluate the externally accessible security posture of Contractor. If the security evaluation solution identifies Contractor’s security has reduced to an unacceptable level, then City will notify Contractor immediately. Contractor will have 30 days to review and resolve the security issue, or identify compensating controls that have been implemented.