Security Controls Testing Sample Clauses
POPULAR SAMPLE Copied 1 times
Security Controls Testing. State Street shall, on approximately an annual basis, engage an independent external party to conduct periodic reviews of State Street’s information security practices. State Street shall have a process to review and evaluate high risk findings resulting from this testing.
Security Controls Testing. Transfer Agent shall, on approximately an annual basis, engage an independent external party to conduct periodic reviews of Transfer Agent’s information security practices. Transfer Agent shall have a process to review and evaluate high risk findings resulting from this testing.
Security Controls Testing. DST shall, on approximately an annual basis, engage an independent external party to conduct periodic reviews of DST’s information security practices. DST shall have a process to review and evaluate high risk findings resulting from this testing.
Security Controls Testing. ▇. ▇. ▇▇▇▇▇▇ shall regularly test its environment for potential security flaws, and perform vulnerability scanning at least quarterly and regular testing. ▇. ▇. ▇▇▇▇▇▇ shall, on at least an annual basis and at its own expense, engage an independent, accredited external party or internal team to conduct reviews of ▇. ▇. ▇▇▇▇▇▇’▇ information security practices, including but not limited to conducting a penetration test on its systems having access to or holding or containing MFS Data consistent with its internal vulnerability management practices. If such reviews and tests identify a weakness or vulnerability that would materially adversely impact ▇.▇. ▇▇▇▇▇▇’▇ ability to (i) perform its obligations under the Agreement, or (ii) comply with applicable laws in connection with the Agreement, ▇. ▇. ▇▇▇▇▇▇ shall, within a reasonable time, provide MFS with high-level information about such impact to MFS and its remediation plan. Notwithstanding the foregoing, if the penetration testing reveals any critical or high vulnerabilities, ▇. ▇. ▇▇▇▇▇▇ shall undertake remediation efforts to address such vulnerabilities in accordance with its internal policies.
Security Controls Testing. Contractor shall conduct, at least annually, reviews of security practices against various standards, such as SOC 2 Type II, Payment Card Industry (PCI), as applicable for the hosting service providers and other approved subcontractors involved in delivery of Services. Contractor agrees to remediate any High-Risk Findings resulting from this testing and provide confirmation of remediation to SWK. Upon request, Contractor agrees to make such reports available for review by SWK.