Schedule R - Security Provisions
What is the purpose of this Schedule?
Who develops the supporting documents required to update the schedule?
When should the schedule's supporting documents be created?
When is this particular schedule used?
What is required for this schedule?
Information Covered in Schedule R Attachment and Exhibits
What is the purpose of this Schedule? | The purpose Schedule R is to provide a centralized location for all security obligations under the TSMA. In accordance with the TSMA, TELUS will comply with the security requirements set out in this schedule, including its attachments, in the GPS Group Security Policies (subject to section 5 of this Schedule), and in Section 19 of the main body of this Agreement, and any additional security requirements related to to the Services or the Network which may be agreed to between TELUS and the GPS Group. |
Who develops the supporting documents required to update the Schedule? | Changes within the schedule will be developed by the vendor, TELUS, and then reviewed/negotiated with the Province. |
When should the Schedule's supporting documents be created? | As a schedule applies to all services under the TSMA, when adding a new service, either a new attachment or a new exhibit (or both) may be required to be added to the schedule. The appropriate document(s), attachment and/or exhibit, are always created by TELUS after the Province has documented their requirements and the requirements have been reviewed and agreed to by the Vendor (TELUS) via a Term Sheet negotiated by the Province's Legal Representative. |
When is this particular schedule used? | This schedule is used when onboarding any new services that require additional security that would require new Schedule R attachments or exhibits. |
What is required for this Schedule? | It is important that you review all the requirements for this new service, then review the TSMA to view what is already provided and then document any gaps. |
Tips: | For example, refer to TSMA Attachment R1. |
Information Covered in Schedule R Attachments & Exhibits
- Security of Information
- Adherence to GPS Group Security Standards
- GPS Group Security Policies Exceptions
- Service Specific Security Requirements
- TELUS Group Compliance
- Security Communication and Compliance Monitoring
- Security clearances
- Network & GPS Infrastructure Access
- GPS Group Information Access
- Physical Access
- Monitoring
- Security Records and Reporting
- Court Orders or other Lawful Requirements
- Security Investigations
- Incident Response
- Security Threat and Risk Assessment
- Compliance
- Network and Administrative Security
- Facility Security
- Integrity of Information
- Equipment Security
- Destruction of Information
- Reporting
- Security Screening Requirements
- Personal Security
- GPS Infrastructure Acceptable Use
- Adherence to GPS Group Security Safeguards
- Material Breach
- Security Representatives
- Call Detail Reports
- Logging
- Monitoring
- Auditing
- Remote Access
- Controls
- Security
- Vulnerability Management
- Vulnerability Scanning
- Change Control
- Asset Management
- Workstation Security
- Passcodes
Next Page: Schedule S - Installation Standards