Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use all reasonable endeavours, software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the: 16.4.1 Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when provided 16.4.2 Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify the Buyer of any breach of security of ▇▇▇▇▇’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the Buyer’s Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance: 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start date.

Appears in 289 contracts

Sources: Call Off Contract, Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use all reasonable endeavours, software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the: 16.4.1 Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when provided 16.4.2 Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify the Buyer of any breach of security of ▇▇▇▇▇’s Confidential ~~Information (and the Buyer of any Buyer Confidential Information breach)~~Information. Where the breach occurred because of a Supplier Default, the Supplier will recover the Buyer’s Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance: 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start date.

Appears in 218 contracts

Sources: Call Off Contract, G Cloud 14 Call Off Contract, G Cloud 13 Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the ~~Buyer~~▇▇▇▇▇’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use all reasonable endeavours, software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the: 16.4.1 Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when provided 16.4.2 Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify the Buyer of any breach of security of ▇▇▇▇▇’s Confidential ~~Information (and the Buyer of any Buyer Confidential Information breach)~~Information. Where the breach occurred because of a Supplier Default, the Supplier will recover the Buyer’s Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance: 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start date.

Appears in 26 contracts

Sources: G Cloud 13 Call Off Contract, Call Off Contract, G Cloud 13 Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use all reasonable endeavours, software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the: 16.4.1 Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when provided 16.4.2 Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify the Buyer of any breach of security of ▇▇▇▇▇’s Confidential ~~Information (and the Buyer of any Buyer Confidential Information breach)~~Information. Where the breach occurred because of a Supplier Default, the Supplier will recover the Buyer’s Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10-steps-cyber-security 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start date.

Appears in 19 contracts

Sources: Call Off Contract, Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the ~~Buyer~~▇▇▇▇▇’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use all reasonable endeavours, software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the: 16.4.1 Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when provided 16.4.2 Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify the Buyer of any breach of security of ▇▇▇▇▇’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the Buyer’s Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance: 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start date.

Appears in 15 contracts

Sources: G Cloud 13 Call Off Contract, Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use ~~all reasonable endeavours,~~ software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the~~: 16.4.1~~ : ● Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when ~~provided 16.4.2 Buyer~~provided ● ▇▇▇▇▇’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify ~~the Buyer~~ CCS of any breach of security of ~~▇▇▇▇▇~~CCS’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the ~~Buyer’s~~ CCS and Buyer Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance, available at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10-steps-cyber-security 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start ~~date~~Date.

Appears in 11 contracts

Sources: Call Off Contract, Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use all reasonable endeavours, software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the: 16.4.1 Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when provided 16.4.2 Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify the Buyer of any breach of security of ▇▇▇▇▇’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the Buyer’s Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10-steps-cyber-security 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start date.

Appears in 9 contracts

Sources: Call Off Contract, Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use all reasonable endeavours, software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the: 16.4.1 Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when provided 16.4.2 Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify the Buyer of any breach of security of ~~▇▇▇▇▇~~Buyer’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the Buyer’s Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance: 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start date.

Appears in 8 contracts

Sources: Call Off Contract, Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use ~~all reasonable endeavours,~~ software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the~~: 16.4.1~~ : ● Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when ~~provided 16.4.2 Buyer~~provided ● ▇▇▇▇▇’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify ~~the Buyer~~ CCS of any breach of security of ~~▇▇▇▇▇~~CCS’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the ~~Buyer’s~~ CCS and Buyer Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance, available at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10- steps-cyber-security 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start ~~date~~Date.

Appears in 8 contracts

Sources: Call Off Contract, Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use all reasonable endeavours, software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the: 16.4.1 Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when provided 16.4.2 Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify the Buyer of any breach of security of ▇▇▇▇▇’s Confidential ~~Information (and the Buyer of any Buyer Confidential Information breach)~~Information. Where the breach occurred because of a Supplier Default, the Supplier will recover the Buyer’s Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance: ▇▇▇▇▇: 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start date//▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10-steps-cyber- security

Appears in 5 contracts

Sources: G Cloud 14 Call Off Contract, G Cloud 14 Call Off Contract, G Cloud 14 Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use ~~all reasonable endeavours,~~ software and the most up-to-date antivirus definitions available from an ~~industry-~~industry- accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the~~: 16.4.1~~ : ● Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when ~~provided 16.4.2 Buyer~~provided ● ▇▇▇▇▇’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify ~~the Buyer~~ CCS of any breach of security of ~~▇▇▇▇▇~~CCS’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the ~~Buyer’s~~ CCS and Buyer Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance, available at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10-steps-cyber-security 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start ~~date~~Date.

Appears in 5 contracts

Sources: Call Off Contract, Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use ~~all reasonable endeavours,~~ software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the~~: 16.4.1~~ : ⚫ Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when ~~provided 16.4.2~~ provided ⚫ Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify ~~the Buyer~~ CCS of any breach of security of ~~▇▇▇▇▇~~CCS’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the ~~Buyer’s~~ CCS and Buyer Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance, available at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10-steps- cyber-security 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start ~~date~~Date.

Appears in 3 contracts

Sources: Call Off Contract, Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, ~~before~~ prior to entering into this Call-Off ~~Contract~~ Contract, the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use ~~all reasonable endeavours,~~ software and the most up-~~to-~~to- date antivirus definitions available from an ~~industry-~~industry- accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and will restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the~~: 16.4.1~~ : Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when ~~provided 16.4.2~~ provided Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s ~~control 16.5~~ control The Supplier will immediately notify ~~the Buyer~~ CCS of any breach of security of ~~▇▇▇▇▇~~CCS’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the ~~Buyer’s~~ CCS and Buyer Confidential Information however it may be recorded~~. 16.6~~ . Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance, available at ▇▇▇▇▇: ~~16.7~~ //▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10-steps-cyber-security If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start ~~date~~Date.

Appears in 3 contracts

Sources: Call Off Contract, Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use all reasonable endeavours, ~~software~~ software, and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the: 16.4.1 Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when provided 16.4.2 Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify the Buyer of any breach of security of ▇▇▇▇▇’s Confidential ~~Information (and the Buyer of any Buyer Confidential Information breach)~~Information. Where the breach occurred because of a Supplier Default, the Supplier will recover the Buyer’s Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10-steps-cyber-security 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start date.

Appears in 2 contracts

Sources: Call Off Contract, G Cloud 13 Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use all reasonable endeavours, software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the: 16.4.1 Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when provided 16.4.2 Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify the Buyer of any breach of security of ~~▇▇▇▇▇~~Buyer’s Confidential ~~Information (and the Buyer of any Buyer Confidential Information breach)~~Information. Where the breach occurred because of a Supplier Default, the Supplier will recover the Buyer’s Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance: 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start date.

Appears in 2 contracts

Sources: Call Off Contract, G Cloud 13 Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use ~~all reasonable endeavours,~~ software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the~~: 16.4.1~~ : ⚫ Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when ~~provided 16.4.2~~ provided ⚫ Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify ~~the Buyer~~ CCS of any breach of security of ~~▇▇▇▇▇~~CCS’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the ~~Buyer’s~~ CCS and Buyer Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance, available at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10- steps-cyber-security 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start ~~date~~Date.

Appears in 2 contracts

Sources: Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the ~~Buyer~~▇▇▇▇▇’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use all reasonable endeavours, software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the: 16.4.1 Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when provided 16.4.2 Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify the Buyer of any breach of security of ▇▇▇▇▇’s Confidential ~~Information (and the Buyer of any Buyer Confidential Information breach)~~Information. Where the breach occurred because of a Supplier Default, the Supplier will recover the Buyer’s Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10-steps-cyber-security 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start date.

Appears in 2 contracts

Sources: Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use all reasonable endeavours, software and the most up-~~to-~~to- date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the: 16.4.1 Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when provided 16.4.2 Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify the Buyer of any breach of security of ▇▇▇▇▇’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the Buyer’s Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance: ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10-steps-cyber-security 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start date.

Appears in 2 contracts

Sources: Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s 's written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s 's security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use all reasonable endeavours, software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the: 16.4.1 Supplier’s 's expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when provided 16.4.2 Buyer’s 's expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s 's control 16.5 The Supplier will immediately notify the Buyer of any breach of security of ▇▇▇▇▇’s 's Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the Buyer’s 's Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s 's ‘10 Steps to Cyber Security’ ' guidance: 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start date.

Appears in 2 contracts

Sources: Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use ~~all reasonable endeavours,~~ software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the~~: 16.4.1~~ : ● Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when ~~provided 16.4.2~~ provided ● Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify ~~the Buyer~~ CCS of any breach of security of ~~▇▇▇▇▇~~CCS’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the ~~Buyer’s~~ CCS and Buyer Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance, available at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10- steps-cyber-security 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start ~~date~~Date.

Appears in 2 contracts

Sources: Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use all reasonable endeavours, software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the~~: 16.4.1~~ : ● Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when ~~provided 16.4.2 Buyer~~provided ● ▇▇▇▇▇’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify ~~the Buyer~~ CCS of any breach of security of ~~▇▇▇▇▇~~CCS’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the ~~Buyer’s~~ CCS and Buyer Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance, available at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10-steps- cyber-security 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start ~~date~~Date.

Appears in 2 contracts

Sources: G Cloud Call Off Contract, G Cloud 11 Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use ~~all reasonable endeavours,~~ software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the~~: 16.4.1~~ : ● Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when ~~provided 16.4.2~~ provided ● Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify ~~the Buyer~~ CCS of any breach of security of ~~▇▇▇▇▇~~CCS’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the ~~Buyer’s~~ CCS and Buyer Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance, available at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10-steps-cyber-security 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start ~~date~~Date.

Appears in 2 contracts

Sources: Call Off Contract, Call Off Contract

Security. 16.1 If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. 16.2 The Supplier will use ~~all reasonable endeavours,~~ software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. 16.3 If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. 16.4 Responsibility for costs will be at the~~: 16.4.1~~ : ⚫ Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when ~~provided 16.4.2~~ provided ⚫ Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control 16.5 The Supplier will immediately notify ~~the Buyer~~ CCS of any breach of security of ~~▇▇▇▇▇~~CCS’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the ~~Buyer’s~~ CCS and Buyer Confidential Information however it may be recorded. 16.6 Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance, available at ▇▇▇▇▇://▇▇▇.▇▇▇▇.▇▇▇.▇▇/guidance/10-steps-cyber-security 16.7 If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start ~~date~~Date.

Appears in 2 contracts

Sources: Call Off Contract, G Cloud 10 Call Off Contract

Security. ~~16.1~~ 16.1. If requested to do so by the Buyer, before entering into this Call-Off Contract the Supplier will, within 15 Working Days of the date of this Call-Off Contract, develop (and obtain the Buyer’s written approval of) a Security Management Plan and an Information Security Management System. After Buyer approval the Security Management Plan and Information Security Management System will apply during the Term of this Call-Off Contract. Both plans will comply with the Buyer’s security policy and protect all aspects and processes associated with the delivery of the Services. ~~16.2~~ 16.2. The Supplier will use all reasonable endeavours, software and the most up-to-date antivirus definitions available from an industry-accepted antivirus software seller to minimise the impact of Malicious Software. ~~16.3~~ 16.3. If Malicious Software causes loss of operational efficiency or loss or corruption of Service Data, the Supplier will help the Buyer to mitigate any losses and restore the Services to operating efficiency as soon as possible. ~~16.4~~ 16.4. Responsibility for costs will be at the: 16.4.1 Supplier’s expense if the Malicious Software originates from the Supplier software or the Service Data while the Service Data was under the control of the Supplier, unless the Supplier can demonstrate that it was already present, not quarantined or identified by the Buyer when provided 16.4.2 Buyer’s expense if the Malicious Software originates from the Buyer software or the Service Data, while the Service Data was under the Buyer’s control ~~16.5~~ 16.5. The Supplier will immediately notify the Buyer of any breach of security of ▇▇▇▇▇’s Confidential Information (and the Buyer of any Buyer Confidential Information breach). Where the breach occurred because of a Supplier Default, the Supplier will recover the Buyer’s Confidential Information however it may be recorded. ~~16.6~~ 16.6. Any system development by the Supplier should also comply with the government’s ‘10 Steps to Cyber Security’ guidance: ~~16.7~~ 16.7. If a Buyer has requested in the Order Form that the Supplier has a Cyber Essentials certificate, the Supplier must provide the Buyer with a valid Cyber Essentials certificate (or equivalent) required for the Services before the Start date.

Appears in 1 contract

Common use of Security Clause in Contracts