Common use of Breach of Security Clause in Contracts

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Schedule 7, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.198.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Schedule 7Call Off Schedule, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Call Off Schedule 78, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Call Off Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Call Off Schedule 7, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Call Off Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Call Off Schedule 7, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.194.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Schedule 7Call Off Schedule, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Call Off Schedule 78, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.19.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Call Off Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Call Off Schedule 7, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.177.1, the Supplier Service Provider shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Call Off Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] 12/08/2013 In this Contract Call Off Schedule 78, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.13.12, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Call Off Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Call Off Schedule 7, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Call Off Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] 12/08/2013 In this Contract Call Off Schedule 78, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.177.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Call Off Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Call Off Schedule 7, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.188.1, the Supplier shall: immediately take all reasonable steps(which steps (which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Schedule 7Call Off Schedule, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Call Off Schedule 78, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.177.1, the Supplier Service Provider shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Call Off Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] 12/08/2013 12/08/2013 In this Contract Call Off Schedule 79, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.19.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Call Off Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] 12/08/2013 In this Contract Call Off Schedule 78, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.1100.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods Products and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Call Off Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Call Off Schedule 7, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.19.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Schedule 7Call Off Schedule, then any required change to the Security Management Plan shall be at no cost to the Customer. To be agreed between the Parties in line with Call Off Schedule 8 SECURITY. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Call Off Schedule 79, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.189.12, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Schedule 7Call-Off Schedule, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Schedule 7, the following definitions shall apply:12/08/2013

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.14.12, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Call Off Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Call Off Schedule 7, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.15.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Schedule 7, the following definitions shall apply:.

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.15.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods Products and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Call Off Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Call Off Schedule 7, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.176.12, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Schedule 7, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.13.12, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Lease Agreement Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Lease Agreement Schedule 7, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.197.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Call Off Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Call Off Schedule 7, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or and Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Schedule 7Call Off Schedule, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Call Off Schedule 78, the following definitions shall apply:

Breach of Security. Either party shall notify the other in accordance with the agreed security incident management process (as detailed in the Security Management Plan if one exists) upon becoming aware of any Breach of Security or any potential or attempted Breach of Security. Without prejudice to the security incident management process, upon becoming aware of any of the circumstances referred to in paragraph 95.125.1, the Supplier shall: immediately take all reasonable steps(which shall include any action or changes reasonably required by the Customer) necessary to: minimise the extent of actual or potential harm caused by any Breach of Security; remedy such Breach of Security to the extent possible and protect the integrity of the Customer and the provision of the Goods and/or Services to the extent within its control against any such Breach of Security or attempted Breach of Security; prevent an equivalent breach in the future exploiting the same root cause failure; and as soon as reasonably practicable provide to the Customer, where the Customer so requests, full details (using the reporting mechanism defined by the Security Management Plan if one exists) of the Breach of Security or attempted Breach of Security, including a root cause analysis where required by the Customer. In the event that any action is taken in response to a Breach of Security or potential or attempted Breach of Security that demonstrates non-compliance of the Security Management Plan with the Security policy or the requirements of this Contract Call Off Schedule 7, then any required change to the Security Management Plan shall be at no cost to the Customer. 12/08/2013 [LONG FORM – PARAGRAPHS 1 TO 8] In this Contract Call Off Schedule 7, the following definitions shall apply: