Security Incident Response Upon becoming aware of a Security Incident, MailChimp shall notify Customer without undue delay and shall provide timely information relating to the Security Incident as it becomes known or as is reasonably requested by Customer.
Security Incident Reporting A security incident occurs when CDA information assets are or reasonably believed to have been accessed, modified, destroyed, or disclosed without proper authorization, or are lost, or stolen. Subrecipient must comply with CDA’s security incident reporting procedures located at xxxxx://xxx.xxxxx.xx.xxx/ProgramsProviders/#Resources.
Implementation of and Reporting on the Project A. The Grantee shall implement and complete the Project in accordance with Exhibit A and with the plans and specifications contained in its Grant Application, which is on file with the State and is incorporated by reference. Modification of the Project shall require prior written approval of the State.
Security Breach Notice and Reporting The Contractor shall have policies and procedures in place for the effective management of Security Breaches, as defined below, which shall be made available to the State upon request. In addition to the requirements set forth in any applicable Business Associate Agreement as may be attached to this Contract, in the event of any actual security breach or reasonable belief of an actual security breach the Contractor either suffers or learns of that either compromises or could compromise State Data (a “Security Breach”), the Contractor shall notify the State within 24 hours of its discovery. Contractor shall immediately determine the nature and extent of the Security Breach, contain the incident by stopping the unauthorized practice, recover records, shut down the system that was breached, revoke access and/or correct weaknesses in physical security. Contractor shall report to the State: (i) the nature of the Security Breach; (ii) the State Data used or disclosed; (iii) who made the unauthorized use or received the unauthorized disclosure; (iv) what the Contractor has done or shall do to mitigate any deleterious effect of the unauthorized use or disclosure; and (v) what corrective action the Contractor has taken or shall take to prevent future similar unauthorized use or disclosure. The Contractor shall provide such other information, including a written report, as reasonably requested by the State. Contractor shall analyze and document the incident and provide all notices required by applicable law. In accordance with Section 9 V.S.A. §2435(b)(3), the Contractor shall notify the Office of the Attorney General, or, if applicable, Vermont Department of Financial Regulation (“DFR”), within fourteen (14) business days of the Contractor’s discovery of the Security Breach. The notice shall provide a preliminary description of the breach. The foregoing notice requirement shall be included in the subcontracts of any of Contractor’s subcontractors, affiliates or agents which may be “data collectors” hereunder. The Contractor agrees to fully cooperate with the State and assume responsibility at its own expense for the following, to be determined in the sole discretion of the State: (i) notice to affected consumers if the State determines it to be appropriate under the circumstances of any particular Security Breach, in a form recommended by the AGO; and (ii) investigation and remediation associated with a Security Breach, including but not limited to, outside investigation, forensics, counsel, crisis management and credit monitoring, in the sole determination of the State. The Contractor agrees to comply with all applicable laws, as such laws may be amended from time to time (including, but not limited to, Chapter 62 of Title 9 of the Vermont Statutes and all applicable State and federal laws, rules or regulations) that require notification in the event of unauthorized release of personally-identifiable information or other event requiring notification. In addition to any other indemnification obligations in this Contract, the Contractor shall fully indemnify and save harmless the State from any costs, loss or damage to the State resulting from a Security Breach or the unauthorized disclosure of State Data by the Contractor, its officers, agents, employees, and subcontractors.
PERFORMANCE MONITORING AND REPORTING Performance indicators
Safeguards Monitoring and Reporting 8. The Borrower shall do the following or cause the Project Executing Agency to do the following:
Funding, Services and Reporting The HSP represents warrants and covenants that
ADMINISTRATIVE AND REPORTING REQUIREMENTS Contractor shall furnish a report of all services provided under the Contract during each quarterly period, no later than the 15th of the month following the close of each quarter. Purchases by Non-State agencies, political subdivisions and others authorized by law shall be reported in the same report and indicated as required. A template for such report is included herein as Attachment 5 – Report of Contract Usage. The report must be submitted electronically via electronic mail utilizing the template provided. All fields of information shall be accurate and complete. The report is to be submitted electronically in Microsoft Excel 2007 or 2003 (or as otherwise directed by OGS), via electronic mail to the attention of the individual identified on the front page of the Contract Award Notification and shall reference the Group Number, the Award Number, Contract Number, sales period, and Contractor’s (or other authorized agent) name, and all other fields required, using the report template provided. OGS reserves the right to amend the report template. Additional related sales information and/or detailed Authorized User purchases may be required by OGS and must be supplied within 30 days upon request.
Monitoring and Reporting 3.1 The Contractor shall provide workforce monitoring data as detailed in paragraph 3.2 of this Schedule 8. A template for data collected in paragraphs 3.2, 3.3 and 3.4 will be provided by the Authority. Completed templates for the Contractor and each Sub-contractor will be submitted by the Contractor with the Diversity and Equality Delivery Plan within six (6) Months of the Commencement Date and annually thereafter. Contractors are required to provide workforce monitoring data for the workforce involved in delivery of the Contract. Data relating to the wider Contractor workforce and wider Sub-contractors workforce would however be well received by the Authority. Contractors and any Sub-contractors are required to submit percentage figures only in response to paragraphs 3.2(a), 3.2(b) and 3.2(c).
Diverse Spend Reporting If the total value of the Contract may exceed $500,000, including all extension options, Contractor must track and report, on a quarterly basis, the amount paid to diverse businesses both: 1) directly to subcontractors performing under the Contract, and 2) indirectly to diverse businesses that provide supplies/services to your company (in proportion to the revenue from this Contract compared to Contractor’s overall revenue). When this applies, Contractor will register in a free portal to help report the Tier 2 diverse spend, and the requirement continues as long as the Contract is in effect.
