SECURITY & OPSEC Sample Clauses

The SECURITY & OPSEC clause establishes requirements and standards for maintaining the confidentiality, integrity, and availability of sensitive information and systems. It typically outlines the security measures that must be implemented, such as access controls, encryption, and regular security assessments, and may specify protocols for reporting and responding to security incidents. The core function of this clause is to protect both parties from data breaches and operational vulnerabilities, thereby reducing the risk of unauthorized access or disclosure of critical information.
POPULAR SAMPLE Copied 4 times
SECURITY & OPSEC. All PAH shall comply with DFARS 252.204-7012 (Oct 2016): Safeguarding Covered Defense Information and Cyber Incident Reporting when applicable. Covered Defense Information (CDI) will be identified at the Project Agreement level. The MCDC Member shall comply with DFARS 252.204-7012 (Oct 2016): Safeguarding Covered Defense Information and Cyber Incident Reporting, which includes implementing on its covered contractor information systems the security requirements specified by DFARS 252.204-7012. Nothing in this paragraph shall be interpreted to foreclose the MCDC Member's right to seek alternate means of complying with the security requirements in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 (as contemplated in DFARS 252.204-7008 (Compliance with Safeguarding Covered Defense Information Controls) (Oct 2016) and DFARS 252.204-7012 (Safeguarding Covered Defense Information and Cyber Incident Reporting (Oct 2016)). Work performed by a PAH under a Project Agreement may involve access to Controlled Unclassified Information (CUI). All Controlled Unclassified Information (CUI) developed under this Agreement will be managed in accordance with DoD Manual 5200.01, Volume 4 dated February 24, 2012. Contractor personnel shall comply with applicable Technology Protection Plans (TPP), Interim Program Protection Plans (IPPP) and/or Program Protection Plans (PPP). If a project involves a Controlled Unclassified Information (CUI) effort, the below listed Department of Defense Directives, Federal Acquisition Regulation (FAR) and the Defense Federal Acquisition Regulation Supplement (DFARS), and ARDEC clauses will be incorporated into the Project Agreements by reference with the same force and effect as if they were given in full text. (1) Each project Scope of Work will be provided by the Agreements Officer Representative (AOR) to the Joint Project Manager- Medical Countermeasure Systems Office for dissemination to the appropriate Fort ▇▇▇▇▇▇▇ COMSEC officer prior to award for review. (2) Each project Scope of Work will be subject to Ft. ▇▇▇▇▇▇▇ policy and procedure according to DoD 5220.22- M, (National Industrial Security Program Operating Manual, NISPOM), as deemed applicable and appropriate during the security review process and prior to award. Additional COMSEC requirements may be required at other locations/facilities (based on service/command requirements). (3) Specific applicable policies, instructions, and regulations will be ...
View SourceView Similar (6)
SECURITY & OPSEC. The below language shall be used as Paragraph 6 of Article XVII in Regeneron’s Base Agreement: Access and General Protection/Security Policy and Procedures. This standard language text is applicable to ALL PAH employees working on critical program information or covered defense information related to Operation Warp Speed (OWS), and to those with an area of performance within an Army controlled installation, facility or area. PAH employees shall comply with applicable installation, facility and area commander installation/facility access and local security policies and procedures (provided by government representative). The PAH also shall provide all information required for background checks necessary to access critical program information or covered defense information related to OWS, and to meet installation access requirements to be accomplished by installation ▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇ Office, Director of Emergency Services or Security Office. The PAH workforce must comply with all personal identity verification requirements as directed by DOD, HQDA and/or local policy. In addition to the changes otherwise authorized by the changes clause of this agreement, should the Force Protection Condition (FPCON) at any individual facility or installation change, the Government may require changes in PAH security matters or processes.
View SourceView Similar (4)
SECURITY & OPSEC. The below language shall be used as Paragraph 6 of Article XVII in the Project Agreement Holder's Base Agreement: ​ Access and General Protection/Security Policy and Procedures. This standard language text is applicable to ALL Project Agreement Holder employees working on critical program information or covered defense information related to Operation Warp Speed (OWS), and to those with an area of performance within an Army controlled installation, facility or area. Project Agreement Holder employees shall comply with applicable installation, facility and area commander installation/facility access and local security policies and procedures (provided by government representative). The Project Agreement Holder also shall provide all information required for background checks necessary to access critical program information or covered defense information related to OWS, and to meet installation access requirements to be accomplished by installation ▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇ Office, Director of Emergency Services or Security Office. The Project Agreement Holder workforce must comply with all personal identity verification requirements as directed by DOD, HQDA and/or local policy. In addition to the changes otherwise authorized by the changes clause of this agreement, should the Force Protection Condition (FPCON) at any individual facility or installation change, the Government may require changes in Project Agreement Holder security matters or processes. ​
View Source

Related to SECURITY & OPSEC

  • NIST Cybersecurity Framework The U.S. Department of Commerce National Institute for Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity Version 1.1.

  • Security Bond The security bond provides protection to Owner if Contractor presents an acceptable guaranteed maximum price (“GMP”) to Owner but is unable to deliver the required payment and performance bonds within the time period stated below.

  • Contractor Security Clearance Customers may designate certain duties and/or positions as positions of “special trust” because they involve special trust responsibilities, are located in sensitive locations, or have key capabilities with access to sensitive or confidential information. The designation of a special trust position or duties is at the sole discretion of the Customer. Contractor or Contractor’s employees and Staff who, in the performance of this Contract, will be assigned to work in positions determined by the Customer to be positions of special trust, may be required to submit to background screening and be approved by the Customer to work on this Contract.

  • Security of Data a. Each of the parties shall: i. ensure as far as reasonably practicable, that Data is properly stored, is not accessible to unauthorised persons, is not altered, lost or destroyed and is capable of being retrieved only by properly authorised persons; ii. subject to the provisions of Sub-Clause 8.a. ensure that, in addition to any security, proprietary and other information disclosure provision contained in the Contract, Messages and Associated Data are maintained in confidence, are not disclosed or transmitted to any unauthorised person and are not used for any purpose other than that communicated by the sending party or permitted by the Contract; and iii. protect further transmission to the same degree as the originally transmitted Message and Associated Data when further transmissions of Messages and Associated Data are permitted by the Contract or expressly authorised by the sending party. b. The sending party shall ensure that Messages are marked in accordance with the requirements of the Contract. If a further transmission is made pursuant to Sub-Clause 3. a. iii. the sender shall ensure that such markings are repeated in the further transmission. c. The parties may apply special protection to Messages by encryption or by other agreed means, and may apply designations to the Messages for protective Interchange, handling and storage procedures. Unless the parties otherwise agree, the party receiving a Message so protected or designated shall use at least the same level of protection and protective procedures for any further transmission of the Message and its Associated Data for all responses to the Message and for all other communications by Interchange or otherwise to any other person relating to the Message. d. If either party becomes aware of a security breach or breach of confidence in relation to any Message or in relation to its procedures or systems (including, without limitation, unauthorised access to their systems for generation, authentication, authorisation, processing, transmission, storage, protection and file management of Messages) then it shall immediately inform the other party of such breach. On being informed or becoming aware of a breach the party concerned shall: i. immediately investigate the cause, effect and extent of such breach; ii. report the results of the investigation to the other party; and iii. use all reasonable endeavours to rectify the cause of such breach. e. Each party shall ensure that the contents of Messages that are sent or received are not inconsistent with the law, the application of which could restrict the content of a Message or limit its use, and shall take all necessary measures to inform without delay the other party if such an inconsistency arises.

  • Security Safeguards Contractor shall store and process District Data in accordance with commercial best practices, including implementing appropriate administrative, physical, and technical safeguards that are no less rigorous than those outlined in SANS Top 20 Security Controls, as amended, to secure such data from unauthorized access, disclosure, alteration, and use. Contractor shall ensure that all such safeguards, including the manner in which District Data is collected, accessed, used, stored, processed, disposed of and disclosed, comply with all applicable federal and state data protection and privacy laws, regulations and directives, including without limitation C.R.S. § ▇▇-▇▇-▇▇▇ et seq., as well as the terms and conditions of this Addendum. Without limiting the foregoing, and unless expressly agreed to the contrary in writing, Contractor warrants that all electronic District Data will be encrypted in transmission and at rest in accordance with NIST Special Publication 800-57, as amended.