My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Reso 2021-3185
SIBFL
>
City Clerk
>
Resolutions
>
Regular
>
2021
>
Reso 2021-3185
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
7/28/2021 3:03:08 PM
Creation date
4/28/2021 10:18:49 AM
Metadata
Fields
Template:
CityClerk-Resolutions
Resolution Type
Resolution
Resolution Number
2021-3185
Date (mm/dd/yyyy)
04/15/2021
Description
P.O. for unleaded fuel using fuel card program. State of Florida contract with WEX Bank.
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
173
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
7. SECURITY & CONFIDENTIALITY <br />7.1 System must be PCI DSS compliant throughout the term of the Master Agreement. <br />7.2 System Electronic Data Interchange (EDI) standards must be compliant with ANSI ASC. <br />7.3 Contractor must keep Participating State, Purchasing Entity, and Cardholder information <br />confidential and may not share, use, or sell data acquired through the execution of this Master <br />Agreement or affiliated Participating Addendum. <br />7.4 Cyber Security Protocols. <br />WEX's Information Security Organization is responsible for safeguarding the confidentiality, <br />integrity and availability of physical and electronic information assets. The overall objectives for <br />information security at WEX include: <br />• Ensuring the confidentiality, integrity and availability of WEX's information assets. <br />• Managing controls to safeguard WEX's information assets against unauthorized use, <br />access or disclosure. <br />• Maintaining business resiliency in the event of a disaster or security incident. <br />• Managing a control environment consistent with commonly accepted industry standards <br />and frameworks including ISO 27001, PCI-DSS, SOX/404, and NIST. <br />• Managing risks related to the use of external service providers and related third parties. <br />WEX's Information Security organization has adopted the ISO 27001/27002 framework for <br />protecting information assets. The framework and related control activities have been <br />established using a risk based approach aligned to enable the business and support strategic <br />priorities. <br />As such, the Information Security framework includes the followine: <br />ISO 27001 Domain <br />Representative WEX IS Capabilities <br />Information security policies <br />Corporate IS Policy, Acceptable Use, and extensive IS <br />standards and procedures <br />Organization of information <br />VP CISO reporting to the audit committee with functional <br />security <br />groups including access management, threat management, <br />risk management, business resiliency and architecture and <br />engineering. <br />Human resource security <br />Background checks, training, management oversight <br />Asset management <br />Asset inventories maintained, data classification, and media <br />handling controls <br />Access control <br />Provisioning and recertification controls limit access based <br />on need to know and enforce stringent password and <br />segregation of duties requirements <br />MASTER AGREEMENT No. 00819 - FLEET CARD SERVICES PAGE 104 OF 138 <br />
The URL can be used to link to this page
Your browser does not support the video tag.