Common use of Security Information Clause in Contracts

Security Information. 12.1 The Supplier shall provide the Authority with details of systems that they have in place that show how they shall comply fully with all Annexes and Schedules that deal with the security of information. 12.2 In order for the Supplier to process any data belonging to the Authority they must have security clearance appropriate to the security classification that has been allocated to that process. Only Official and Official – Sensitive security classification audio will be undertaken under the OTS Service. Official and Official- Sensitive Baseline Personal Security Service – BPSS Secret Security Clearance - SC or Developed Vetting – DV Top Secret Developed Vetting- DV 12.3 The security classifications (OFFICIAL, OFFICIAL SENSITIVE, SECRET and TOP SECRET) indicate the increasing sensitivity of information AND the baseline personnel, physical and information security controls necessary to defend against a broad profile of applicable threats. Full details are provided in Annex 4. 12.4 The Supplier shall be expected to handle information classified as Official and Official- Sensitive only and should ensure that all their Personnel who do not directly deliver the contracted services have undergone a basic Disclosure Barring Service (DBS) check. This shall include all temporary and relief Personnel. 12.5 The Supplier shall work with Authority to ensure the required numbers of Personnel with the required level of security clearance will be available to fulfil Orders. 12.6 The Supplier shall create and maintain a database which shall contain details of their Personnel and their level of security clearance and ensure that said clearance certificates are monitored for any breaches and updated as required. 12.7 The Supplier shall provide the Authority with details of their Personnel who undertake Service Orders and include their clearance details. 12.8 The Supplier’s database of Personnel shall be made available to the Authority immediately on request. 12.9 The Supplier shall ensure that any breaches of security are immediately reported to the Authority. 12.10 The Authority and its authorised representatives shall have the right to audit or examine source data from the Supplier database. 12.11 For full details of Security Information requirements, see Annex D to the Call-Off Contract terms and conditions (Information Assurance and Security).

Security Information. 12.1 14.1 The Supplier shall provide the Authority with details of systems that they have in place that show how they shall comply fully with all Annexes and Schedules that deal with the security of information. 12.2 14.2 In order for the Supplier or their Personnel to process any data belonging to the Authority they must have security clearance appropriate to the security classification that has been allocated to that process. Only Official and Official – Sensitive security classification audio will be undertaken under the OTS Service. Official and Official- Sensitive Baseline Personal Security Service – BPSS Secret Security Clearance - SC or Developed Vetting – DV Top Secret Developed Vetting- DVdata. 12.3 14.3 The security classifications (OFFICIAL, OFFICIAL SENSITIVE, SECRET and TOP SECRET) indicate the increasing sensitivity of information AND the baseline personnel, physical and information security controls necessary to defend against a broad profile of applicable threats. Full details are provided in Annex 44 (Information and Assurance). 12.4 14.4 The Supplier shall be expected to handle information classified as Official and Official- Sensitive only and should ensure that all their Personnel who do not directly deliver the contracted services have undergone a basic Disclosure Barring Service (DBS) check. This shall include all temporary and relief Personnel. 12.5 14.5 There shall be a requirement for some Supplier Personnel to have a higher level of clearance as set out below: Official and Official- Sensitive Baseline Personal Security Service – BPSS Secret Security Clearance – SC or Developed Vetting – DV Top Secret Developed Vetting – DV 14.6 Certain types of hearings or Court buildings have a minimum Security Clearance level which will not be lowered. These are: 14.6.1 All Personnel who work within the Royal Courts of Justice (RCJ) must have a Security Clearance of Counter Terrorist Check (CTC). 14.6.2 All transcribers assigned to Special Immigration Asylum Commission (SIAC) orders must hold a valid DV clearance. 14.6.3 The Authority will fund up to three DV applications per Call-Off Contract. Any new DV applications must be submitted within six weeks of the Effective Date, however renewal DV applications can be made up to four months prior to the expiry date of the Call-Off Contract. Authority funding is limited to three DV applications per Call-Off Contract whether successfully resulting in a clearance or not. 14.6.4 Where the Authority has funded DV clearances to deliver CRT services, the Supplier shall prioritise DV clearance orders placed under any Call-Off Contract to the CRT Framework Agreement over other orders that the Supplier may be delivering which also requires DV clearance. 14.7 Although only BPSS clearance is required for some Official- Sensitive work, SC or DV clearance is required for any Sensitive Case Service matters where attendance in a secure location is required. 14.8 The Supplier shall inform the Authority immediately if a security vetting clearance has been revoked or removed. The Supplier shall confirm that the individual no longer has access to any Authority information and that the identity pass has been revoked. 14.9 The Supplier shall work with Authority to ensure the required numbers of Personnel with the required level of security clearance will shall be available to fulfil fulfill Orders. 12.6 14.10 The Supplier shall ensure that the Personnel who they propose to attend the Court or tribunal has the appropriate level of security required before the allocation of work. 14.11 The Supplier shall confirm that the Personnel who attend the Authority’s premises will have the appropriate identification as agreed with the Authority for checking by the Court administration. 14.12 The Supplier shall create and maintain a database which shall contain details of their the Personnel who attend the Court or tribunal and their level of security clearance and ensure that said clearance certificates are monitored for any breaches and updated as required. 12.7 14.13 The Supplier shall provide the Authority with details of their Personnel who undertake Service Orders attend the Authority’s premises and include copies of their security clearance detailscertificates to allow management of the Orders. 12.8 14.14 The Supplier’s database of Personnel shall be made available to the Authority immediately on request. 12.9 14.15 The Supplier shall ensure that any breaches of security are immediately reported to the Authority. 12.10 14.16 The Authority and its authorised authorized representatives shall have the right to audit or examine source data from the Supplier database. 12.11 For full details of Security Information requirements, see Annex D to the Call-Off Contract terms and conditions (Information Assurance and Security).