Security Testing. The Supplier shall conduct Security Tests from time to time (and at least annually across the scope of the ISMS) and additionally after any change or amendment to the ISMS (including security incident management processes and incident response plans) or the Security Management Plan. Security Tests shall be designed and implemented by the Supplier so as to minimise the impact on the delivery of the Goods and/or Services and the date, timing, content and conduct of such Security Tests shall be agreed in advance with the Customer. Subject to compliance by the Supplier with the foregoing requirements, if any Security Tests adversely affect the Supplier’s ability to deliver the Goods and/or Services so as to meet the Service Level Performance Measures, the Supplier shall be granted relief against any resultant under-performance for the period of the Security Tests. The Customer shall be entitled to send a representative to witness the conduct of the Security Tests. The Supplier shall provide the Customer with the results of such Security Tests (in a form approved by the Customer in advance) as soon as practicable after completion of each Security Test. Without prejudice to any other right of audit or access granted to the Customer pursuant to this Call Off Contract, the Customer and/or its authorised representatives shall be entitled, at any time upon giving reasonable notice to the Supplier, to carry out such tests (including penetration tests) as it may deem necessary in relation to the ISMS and the Supplier's compliance with the ISMS and the Security Management Plan. The Customer may notify the Supplier of the results of such tests after completion of each such test. If any such Customer’s test adversely affects the Supplier’s ability to deliver the Services so as to meet the Target Performance Levels, the Supplier shall be granted relief against any resultant under-performance for the period of the Customer’s test. Where any Security Test carried out pursuant to paragraphs 104.2 or 104.3 of this Call Off Schedule reveals any actual or potential Breach of Security or weaknesses (including un-patched vulnerabilities, poor configuration and/or incorrect system management), the Supplier shall promptly notify the Customer of any changes to the ISMS and to the Security Management Plan (and the implementation thereof) which the Supplier proposes to make in order to correct such failure or weakness. Subject to the Customer's prior written Approval, the Supplier sha...
Security Testing. Flexera has arranged for all testing as detailed in this Section below to be undertaken by an independent third party.
Security Testing. 5.1 During the performance of Services under the Agreement, Processor shall engage, at its own expense and at least one time per year, a third party vendor (“Testing Company”) to perform penetration and vulnerability testing (“Security Tests”) with respect to Processor’s systems containing and/or storing Personal Data.
Security Testing a. Yahoo, its agents, and/or Yahoo Affiliates, in its sole discretion, has the right at any time to perform remote Security Testing of The System, excluding physical premises. Such Security Testing does not include actions (e.g., penetration testing) that could reasonably be anticipated to cause material harm or damage to The System or materially impair its performance. Security Testing may result in the identification of Security Issues.
Security Testing. SSAE 16 Service Organization Control (SOC 2 and 3) Type II audits completed annually by a third party. • Global network penetration test conducted annually. Penetration test results are considered SAS’ Confidential Information. • Penetration tests performed for new and significantly-changed production applications that are exposed to the Internet.
Security Testing. The Contractor shall perform a series of steps to verify the security of applications to be defined. The Contractor is expected to:
Security Testing. Whimsical shall regularly test, assess and evaluate the effectiveness of the security measures set forth in Appendix 1.
Security Testing. Examination of The System, directly or indirectly through interfaces to which Yahoo, its agents, and/or Yahoo Affiliates have access without the need for Partner coordination, by manual interaction with or automated test cases that can identify and/or diagnose, or are intended to identify and/or diagnose, Security Issues. [***] Certain information has been omitted and filed separately with the Securities and Exchange Commission. Confidential treatment has been requested with respect to the omitted portions. Homes for Sale Partnership The System: Any and all components owned, operated, or provided by Partner or on behalf of Partner, that are involved in receiving, delivering or storing data required to perform Partner’s obligations under the Business Agreement, including, but not limited to, the applicable networks, databases, software, computer systems, backups, devices, processes, documentation, data, and physical premises. Yahoo Affiliate: Any partnership, limited liability company, corporation, or other entity that, directly or indirectly though one or more intermediaries, controls, is controlled by, or is under common control with Yahoo or in which Yahoo! owns an ownership interest of twenty percent (20%) or more.
Security Testing. The Supplier will conduct periodic reviews and tests to verify compliance with and the effectiveness of the Supplier’s compliance with the data security requirements under this Agreement. As part of such testing, the Supplier will have an independent, regionally recognized third party conduct penetration tests addressing network and Systems risks on all of the Supplier’s Systems used to provide the Services, which tests will be performed on an annual basis as well as following any significant infrastructure or application upgrades and modifications. The Supplier will: (a) provide VITA with copies of the plans pursuant to which any of such security related tests will be conducted (as such test relates to the Services) for review and approval of VITA; (b) make any changes required by VITA; and (c) address any comments made by VITA. CONFIDENTIALITY
Security Testing. Implement a repeatable and documented set of security tests for hardware, software and services – including but not limited to the production environment, releases of Software-as-a-Service (SaaS), other Cloud-based “as-a- Services” (PaaS, IaaS, DRaaS, etc.), containers and application program interfaces (APIs) used to deliver services of the Agreement or host City data within the scope of the Agreement. Determine the objectives of each security test, and tailor the approach accordingly. Analyze findings, and develop mitigation techniques to address (i) poor testing effectiveness metrics and (ii) any weaknesses discovered through the tests. At the City's request, cooperate with City and its contracted resources to conduct security quality assurance and penetration tests on a mutually agreeable schedule.
