Supplier Information System(s) definition

Supplier Information System(s) means any Supplier systems and/or computers used to Process Company Data pursuant to the Contract Document, which includes laptops and network devices.

Split View

AI-Powered Contracts

Draft, Review & Redline at the Speed of AI

Get StartedBook a Demo

Supplier Information System(s) means any Supplier systems, applications, computers, network equipment, hardware and Mobile Devices used to Process Yellow Confidential Information pursuant to the Agreement and/or as part of the Services, which includes laptops and network connected devices.

Supplier Information System(s). (or “SIS”) means all hardware, software, operating systems, database systems, software tools and network components used by or on behalf of Supplier to receive, maintain, Process, store, access or transmit GSK Data.

Examples of Supplier Information System(s) in a sentence

• Security Incidents on Supplier Information Systems must be logged, reviewed on a periodic basis (minimum quarterly), secured, and maintained for a minimum of twelve (12) months.

• Supplier shall maintain a current inventory of Supplier Information Systems.

• Unless a disaster recovery (“DR”) program is otherwise set forth in more detail elsewhere in the Contract Document, Supplier must maintain a DR program for all Supplier Information Systems and facilities used to provide services under the Contract Document to Company.

• Supplier shall monitor the effectiveness of its security program by conducting self-audits and risk assessments of Supplier Information Systems against the requirements of written policies and procedures maintained as required by this Schedule no less frequently than every twelve (12) months.

• Suppliers must conduct periodic security risk assessments of Supplier Information Systems to identify critical information assets, assess threats, and determine potential vulnerabilities.

• The “Technical Configuration” Schedule to this Media Support Statement of Work sets forth the interfaces between the Customer Systems and the Supplier Information Systems that are needed for Customer to access and/or use the Services and for Supplier to provide and perform the Services.

• In all cases, Supplier shall take immediate action to eliminate and remediate the Virus’ proliferation and its effects on the Services, the Customer Systems, the Supplier Information Systems and operating environments and processes used by Supplier to perform and deliver the Services, including Supplier Software and the Customer Software.

• Controlled Data, and/or Sensitive Personal Data, and/or (ii) where an outage of the Supplier Information System(s), as identified in the Contract Document and/or this Agreement, is likely to significantly adversely impact VWTS or overall VWTS operations, financial position, regulatory compliance, and/or reputation.

• The “Technical Configuration” Schedule to this ADM Infrastructure Statement of Work sets forth the interfaces between the Customer Systems and the Supplier Information Systems that are needed for Customer to access and/or use the Services and for Supplier to provide and perform the Services.

• The “Technical Configuration” Schedule to this IT Infrastructure Statement of Work sets forth the interfaces between the Customer Systems and the Supplier Information Systems that are needed for Customer to access and/or use the Services and for Supplier to provide and perform the Services.

More Definitions of Supplier Information System(s)

Supplier Information System(s) means any Supplier system(s) and/or computer(s) used to Process, store, transmit and/or access Lighting Confidential Information pursuant to the Contract Document, which includes laptops and network devices.

Supplier Information System(s) means any system(s) and/or computer(s), including laptops, network devices and mobile devices, owned or operated by or on behalf of Supplier and used to process, store, transmit and/or access information in connection with the Subcontract. Supplier shall develop, implement, and maintain an information security program that adheres to applicable laws, regulations and industry standards such as ISO 27001 or NIST SP 800-171 to protect Supplier Information System(s) and shall ensure that comparable safeguards are in place in connection with any cloud environments used by Supplier. This information security program shall include appropriate administrative, physical, technical, organizational and operational safeguards designed to ensure the confidentiality, integrity, and availability of Controlled Data and Personal Information and protect against the risk of an Information Security Incident. If Supplier becomes aware or has a reasonable suspicion of an Information Security Incident that may involve Controlled Data or Leidos Personal Information as defined in the Data Protection Section, Supplier at its sole expense shall take appropriate and immediate actions to investigate and contain the incident and shall report it to Leidos in writing at ▇▇▇▇▇@▇▇▇▇▇▇.▇▇▇ within 48 hours of discovery unless an earlier notification period is required elsewhere in this Subcontract, including in any addenda to this Subcontract. Such notice will (i) describe the nature of the Security Incident, (ii) identify any Leidos Personal Information or Controlled Data affected by the Information Security Incident, and (iii) summarize in reasonable detail the effect on Leidos, and (iv) the corrective actions taken by Supplier. Supplier shall provide timely and relevant updates to Leidos, on an ongoing basis, regarding the nature and scope of the Information Security Incident and cooperate with Leidos to provide notice to affected third parties, as applicable. Supplier also shall timely provide Leidos with any additional information or documents Leidos reasonably requests related to the Information Security Incident to further assist Leidos in understanding the effect on Leidos, its employees, and its customers and the corrective actions taken. Supplier shall reimburse Leidos for all actual costs incurred by Leidos in responding to, and mitigating damages caused by, any Information Security Incident directly or indirectly caused by Supplier’s acts or omissions, including all costs of notic...