Security Assessments. Upon advance written notice by the JBE, Contractor agrees that the JBE shall have reasonable access to Contractor’s operational documentation, records, logs, and databases that relate to data security and the Contractor’s Information Security Program. Upon the JBE’s request, Contractor shall, at its expense, perform, or cause to have performed an assessment of Contractor’s compliance with its privacy and data security obligations. Contractor shall provide to the JBE the results, including any findings and recommendations made by Contractor’s assessors, of such assessment, and, at its expense, take any corrective actions.
Security Assessments. At least once a year, or upon the Court’s request, Contractor shall, at its expense, perform, or cause to have performed an assessment of Contractor’s compliance with the safety and security policies set forth in this Agreement or any Statement of Work. Contractor shall provide to the Court the results, including any findings and recommendations made by Contractor’s assessors, of such assessment, and, at its expense, take any and all necessary corrective actions. The Court and Court Contractors may, at the Court’s expense, perform the assessments described in this Section and “snap” assessments (e.g., safety and data/physical security assessments) of the Court Work Locations. Project Staff. If specified in or unless otherwise provided for in the Statement of Work:
Security Assessments. Upon advance written notice by the Court, Contractor agrees that the Court shall have reasonable access to Contractor’s operational documentation, records, logs, and databases that relate to data security and the Contractor’s Information Security Program. Upon the Court’s request, Contractor shall, at its expense, perform, or cause to have performed an assessment of Contractor’s compliance with its privacy and data security obligations. Contractor shall provide to the Court the results, including any findings and recommendations made by Contractor’s assessors, of such assessment, and, at its expense, take any corrective actions.
Security Assessments. NIST Special Publication 800-37, as revised, encourages agencies to accept each other’s security assessments in order to reuse information system resources and/or to accept each other’s assessed security posture in order to share information. NIST 800-37 further encourages that this type of reciprocity is best achieved when agencies are transparent and make available sufficient evidence regarding the security state of an information system so that an authorizing official from another organization can use that evidence to make credible, risk-based decisions regarding the operation and use of that system or the information it processes, stores, or transmits. Consistent with that guidance, the parties agree to make available to each other upon request system security evidence for the purpose of making risk-based decisions. Requests for this information may be made by either party at any time throughout the duration or any extension of this agreement.
Security Assessments. Upon advance written notice by the Judicial Council, Contractor agrees that the Judicial Council shall have reasonable access to Contractor’s operational documentation, records, logs, and databases that relate to data security and the Contractor’s Information Security Program. Upon the Judicial Council’s request, Contractor shall, at its expense, perform, or cause to have performed an assessment of Contractor’s compliance with its privacy and data security obligations. Contractor shall provide to the Judicial Council the results, including any findings and recommendations made by Contractor’s assessors, of such assessment, and, at its expense, take any corrective actions.
Security Assessments. In the event you wish to conduct penetration testing or a vulnerability assessment on the Licensed Software, you shall (i) provide Tridium a reasonable opportunity to participate in such testing, and (ii) provide Tridium with the results of such test, and a copy of any report or record made of the results of such test, promptly upon completion of the testing, whether or not Tridium elects to participate in the testing. If you discover, or reasonably suspect, that the Licensed Software is vulnerable to a security breach that could reasonably be prevented, you shall promptly advise Tridium of the vulnerability discovered or suspected. You may not conduct any test that decompiles any portion of the Licensed Software, whether firmware or in other form, into binary code, or otherwise exposes the binary code of any part of the Licensed Software. You acknowledge that if you conduct any penetration testing or vulnerability assessment on the Licensed Software without first installing the most recent security update issued by Tridium, (i) any vulnerability to a security breach you may discover cannot be attributed to failure on the part of Tridium, and (ii) any statement to a third party indicating that the Licensed Materials have such a vulnerability may be a false statement for which you could be legally liable to Tridium.
Security Assessments. Provider shall submit the results and remediation efforts of an independent security assessment for all Solutions that: (a) are customer facing, including websites, shipped with, or installed on customer systems, or (b) Process Highly Restricted Data. The assessment scope and remediation efforts must be agreed upon by RSA and addressed to RSA’s satisfaction prior to acceptance of such Solutions.
Security Assessments. Provider shall submit the results and remediation efforts of an independent security assessment for all Solutions that (a) are customer facing, including websites, shipped with or installed on customer systems; or (b) process Highly Restricted Data. The assessment scope and remediation efforts must be agreed upon by Dell and addressed to Dell’s satisfaction prior to acceptance of such Solutions.
Security Assessments. Upon advance written notice by the JCC, Contractor agrees that the JCC shall have reasonable access to Contractor’s operational documentation, records, logs, and databases that relate to data security and the Contractor’s Information Security Program. Upon the JCC’s request, Contractor shall, at its expense, perform, or cause to have performed an assessment of Contractor’s compliance with its privacy and data security obligations. Contractor shall provide to the JCC the results, including any findings and recommendations made by Contractor’s assessors, of such assessment, and, at its expense, take any corrective actions.
Security Assessments. (i) If requested by Amazon, Operator will undergo an initial Security Assessment, including the completion of a Risk Assessment Questionnaire.
