My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
2007/10/17 Council Agenda Packet
>
Council Agenda Packets
>
2007
>
2007/10/17 Council Agenda Packet
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
3/17/2017 11:33:36 AM
Creation date
3/17/2017 11:32:41 AM
Metadata
Fields
Template:
Council Agenda Packet
Date
10/17/2007
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
190
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
.1 2 a. by September 30, 2005: a review of CDRL 31 with an <br /> assessment of its adequacy and conformance with industry best <br /> practices; a review and assessment of the Contractor's existing <br /> security measures at its facilities operating the Translink system; <br /> b. by October 31, 2005: a detailed plan and description of the <br /> testing that will be conducted as specified in 11.3(c) below; <br /> c. as part of the SIT Part 1 End-to-End Testing of the RFCS (to be <br /> completed by July 27, 2006), intrusion and other security auditing <br /> activities as agreed by ERG and the Agencies. <br /> The Contractor shall complete a second audit no later than May 31, 2007, <br /> and then shall conduct such audits by May 31 annually thereafter. The <br /> scope of work for each audit shall be submitted to the Contractor <br /> Administrator for review prior to the commencement of the audit and said <br /> work shall include but not be limited to assessing whether the actions <br /> identified in the prior audit have been taken. Subject to the confidentiality <br /> provisions of this Contract, Contractor shall direct the auditor to provide <br /> the Contract Administrator with a copy of the final report of such audit <br /> within forty-five (45) days after it is completed. <br /> 11.4 The Contractor shall report to the Contract Administrator any <br /> unauthorized use of the RFC System or unauthorized disclosure of RFCS- <br /> related data within forty-eight (48) hours after the Contractor becomes <br /> aware of such use or disclosure. In such event, the Contractor shall take <br /> such further steps as may reasonably be requested by the Contract <br /> Administrator to prevent further unauthorized use of the RFCS or data <br /> related thereto. <br /> 11.5 At all times, the Contractor shall maintain the security of the <br /> collection and clearinghouse operations in accordance with this Contract, <br /> applicable legal and regulatory requirements, and in accordance with the <br /> professional standards of persons and firms with specialized knowledge, <br /> expertise and experience who are leading designers and providers of <br /> systems, software and hardware used in the automated smart card fare <br /> payment industry. <br /> 2.0 System Backup and Disaster Recovery/Business Resumption Plan <br /> Section 3.1-13, "System Backup and Disaster Recovery/Business Resumption <br /> Plan" is hereby amended to read as follows: <br /> 3.1-13.1 System Backup and Disaster Recovery/Business Resumption Plan" <br /> 13.1 In accordance with the Contract Document Requirements List provided in <br /> Section 6.11-11.6.1.1, the Contractor shall submit to the Contract Administrator a <br /> CCA#3-Attachment A 3 <br />
The URL can be used to link to this page
Your browser does not support the video tag.