Incident Response Program Sample Clauses

Incident Response Program. An incident response program that complies with Legal Requirements to address any actual or suspected information security incident (as defined in applicable Legal Requirements) involving unauthorized access to the parties’ physical or electronic systems that either compromises or could compromise sensitive information. A Security Incident includes but is not limited to physical trespass on a secure facility, computing systems intrusion/hacking, loss/theft of a PC (laptop or desktop), loss/theft of printed materials, etc. To the extent not prohibited by law or an enforcement agency, the party that becomes aware of the Security Incident will notify the other party in writing within 24 hours (or within the time required by law, whichever is sooner) following its discovery of any Security Incident that involves Subscriber’s customers’ consumer information. The party that originates the Security Incident will take all reasonable steps to immediately mitigate and/or remedy such Security Incident and prevent any further breach in accordance with applicable Legal Requirements. Any notification to the other party must include periodic meetings to discuss and report the available facts, the status of the investigation, the estimated effects on Subscriber’s customer’s, and, if applicable, the potential number of affected customers. The Parties agree to cooperate fully with each other on any investigation, corrective action and response or affected customers notice requirements. Except as strictly required by applicable law, Security Software Solutions will not communicate with any third party, including but not limited to the media, vendors, and affected customers, regarding the Security Incident, as it relates to Subscriber, without Subscriber’s express consent, The parties will mutually agree on the content of the communication, which will abide by Subscriber’s regulatory requirements. To the extent a party is the source of the Security Incident it shall assume the costs related to responding to, and mitigating damages caused by any Security Incident, including all regulatory fines and costs of investigation, notification and/or remediation. Such party shall also defend, indemnify and hold harmless Subscriber and its subsidiaries, affiliates, and respective officers, directors, employees, agents, successors and permitted assigns from and against all losses, damages, liabilities, deficiencies, actions, judgments, interest, awards, penalties, fines, costs or expense...
AutoNDA by SimpleDocs
Incident Response Program. (a) EVERTEC represents and warrants to BPPR that it has implemented, and hereby undertakes to maintain and update, a comprehensive response program that includes processes and procedures (including notification procedures to Affected Persons) designed to address incidents of unauthorized access involving BPPR Data or Cardholder information in accordance with applicable Legal Requirements and Industry Standards. (b) If EVERTEC becomes aware of an Incident, to the extent it is not prohibited by applicable Legal Requirements, EVERTEC agrees to: (i) notify BPPR as soon as practicable, and in any event within twenty-four (24) hours, following EVERTEC’s becoming aware of an Incident. The initial notification must be made to the BPPR Chief Information Security Officer, and must include based on then-available information: (i) the available facts; (ii) the status and results of the investigation including identifying the sources and underlying causes of the Incident; (iii) the estimated effects on BPPR, BPPR Data or Cardholder information and the ability of EVERTEC to perform its obligations under this Agreement; (iv) the steps already taken to mitigate, remedy and contain the Incident; (v) if applicable, the potential number of affected Merchants, Government-Merchants, customers, consumers, and/or employees affected (collectively “Affected Persons”); and (vi) the name and contact information of EVERTEC’s representative who will serve as BPPR’s primary contact; (ii) provide BPPR with prompt updates to any information referenced in clause (i) above; (iii) take all reasonable steps, at EVERTEC’s sole cost and expense (unless such Incident was caused by BPPR or any of its subsidiaries or any contractor or subcontractor thereof), in accordance with its Data Protection Program and Incident Response Program to immediately mitigate and/or remedy, at EVERTEC’s expense, such Incident and contain its further occurrence; (iv) reasonably coordinate and cooperate with BPPR representatives in any required investigation and provide periodic updates regarding the Incident, including: (i) providing access to the affected facilities and affected operations as necessary for the BPPR or its auditors to conduct investigations required to be conducted by BPPR by Legal Requirements and applicable Rules (provided that BPPR shall reimburse EVERTEC for any losses incurred by EVERTEC in connection with any unauthorized access or intrusion to EVERTEC’s Systems, or any Disabling Device introd...
Incident Response Program. As part of its security program, the security staff has established a computer security incident response program so Alert Logic can recognize, analyze, and handle information security incidents and threats. Incidents or events impacting Alert Logic are processed utilizing Incident Management and Handling processes which cover Alert Logic's computing, network, data, physical and human resources components of the system. The incident handling plan includes preparation, identification, containment, eradication, recovery and lessons learned phases. Incident handling plans, processes and procedures are reviewed and tested at least annually.
Incident Response Program. Combination of incident response policy, plan, and procedures.
Incident Response Program. Xxxxxxxxx maintains a written incident response program that addresses cybersecurity event preparation, detection, analysis, containment, eradication, and recovery. This program includes procedures that describe: (i) roles and responsibilities of the incident response team; (ii) communication requirements with internal and external partners; (iii) plans to detect, respond to, and contain common incident categories; (iv) methods to preserve evidence, maintain chain of custody, and perform forensic analysis; (v) coordination of recovery processes; (vi) follow-up processes; and (vii) reporting to ensure critical details of incidents are tracked and lessons learned are incorporated into ongoing response procedures, training, and testing. The incident response program includes coordinating incident handling activities involving supply chain events with other organizations involved in the supply chain. The incident response program is reviewed and updated at least annually.

Related to Incident Response Program

  • Incident Response Operator shall have a written incident response plan that reflects best practices and is consistent with industry standards and federal and state law for responding to a data breach, breach of security, privacy incident or unauthorized acquisition or use of any portion of Data, including PII, and agrees to provide LEA, upon request, an executive summary of the written incident response plan.

  • Client Responsibility For clarity, the parties agree that in reviewing the documents referred to in clause (b) above, Patheon’s role will be limited to verifying the accuracy of the description of the work undertaken or to be undertaken by Patheon. Subject to the foregoing, Patheon will not assume any responsibility for the accuracy of any application for receipt of an approval by a Regulatory Authority. The Client is solely responsible for the preparation and filing of the application for approval by the Regulatory Authority and any relevant costs will be borne by the Client.

  • Client Responsibilities You are responsible for (a) assessing each participants’ suitability for the Training, (b) enrollment in the appropriate course(s) and (c) your participants’ attendance at scheduled courses.

  • Student Responsibilities The school provided Chromebook for the student is an important learning tool to be used for educational purposes. In order to use the device each day, the student must be willing to accept the following responsibilities: ● I understand that district officials have the ability to monitor my use of the device AT ALL TIMES IN AND OUT OF SCHOOL and that communications, files, internet search activities, and any other actions using the device are not considered to be private. Note: RCCSD does not have the ability to and will not remotely operate the camera on the device. However, students can cover it when not in use to ensure others are not. ● I understand that the device assigned to me is on loan from Red Clay Consolidated School District. All accounts, programs, and files are subject to inspection at any time without notice. ● I will be responsible for ALL damage or loss of the device due to NEGLECT OR ABUSE including dropping it, getting it wet, and spills of food or drink. ● I will not try to repair my Chromebook. ● At ALL times when using my Chromebook, I will follow the Acceptable Use, Internet Safety Policy, and Student Code of Conduct, and related policies adopted by the Board of Education, and abide by all local, state, and federal laws. ● I will talk with my parent/guardian about their ground rules for going online when not at school. ● I will notify the school principal and my parents of any damage to the device as soon as possible. ● I will charge the Chromebook battery each night and will bring my Chromebook to school every day or be prepared for remote learning. ● I will keep my Chromebook clean. ● I will not lend my device to anyone. This includes family members and friends. Note: I could be held responsible for any inappropriate content on the District issued Chromebook. ● I will keep all passwords assigned to me secure. ● I will only use my account credentials to sign into my Chromebook. ● I am allowed to connect to non-district printers and wireless networks at home and in public places. ● I agree that e-mail or any other computer communication should be used only for appropriate, legitimate, and responsible communication. ● I agree not to share personal information about myself (full name, address, etc.) or about my family, friends or anyone else. ● I agree not to search for, download, display, post, or distribute vulgar, offensive material or images described in applicable district policies. (See the student handbook and/or the district's Acceptable Use Agreement.) ● I agree to abide by all school rules that address electronic device procedures. ● I will return the device when requested, at the end of the school year or upon my withdrawal. ● I agree to not deface or destroy this property in any way. Inappropriate use of the machine may result in the student losing their right to use the Chromebook. ● I understand that identification labels have been placed on the Chromebook. These labels are not to be removed or modified. Additional stickers, labels, tags, or markings of any kind are NOT to be added to the machine.

  • Management Responsibility No Limited Partner, as such, shall take part in the management of the business or transact any business for the Partnership.

  • Cost Responsibility Interconnection Customer shall be responsible for and shall pay upon demand all Costs associated with the interconnection of the Customer Facility as specified in the Tariff. These Costs may include, but are not limited to, an Attachment Facilities charge, a Local Upgrades charge, a Network Upgrades charge and other charges. A description of the facilities required and an estimate of the Costs of these facilities are included in Sections 3.0 and 4.0 of the Specifications to this ISA.

  • Payment Responsibility The payment obligations of each Participating Manufacturer pursuant to this Agreement shall be the several responsibility only of that Participating Manufacturer. The payment obligations of a Participating Manufacturer shall not be the obligation or responsibility of any Affiliate of such Participating Manufacturer. The payment obligations of a Participating Manufacturer shall not be the obligation or responsibility of any other Participating Manufacturer. Provided, however, that no provision of this Agreement shall waive or excuse liability under any state or federal fraudulent conveyance or fraudulent transfer law. Any Participating Manufacturer whose Market Share (or Relative Market Share) in any given year equals zero shall have no payment obligations under this Agreement in the succeeding year.

  • Department Responsibilities The use of sick leave may properly be denied if these procedures are not followed. Abuse of sick leave on the part of the employee is cause for disciplinary action. Departmental approval of sick leave is a certification of the legitimacy of the sick leave claim. The department head or designee may make reasonable inquiries about employee absences. The department may require medical verification for an absence of three (3) or more working days. The department may also require medical verification for absences of less than three (3) working days for probable cause if the employee had been notified in advance in writing that such verification was necessary. Inquiries may be made in the following ways: 1. Calling the employee's residence telephone number or other contact telephone number provided by the employee if telephone notification was not made in accordance with departmental sick leave call-in guidelines. These inquiries shall be subject to any restrictions imposed by the employee under Section 14.4.a. 2. Obtaining the employee's signature on the Absence/Overtime Record, or on another form established for that purpose, as employee certification of the legitimacy of the claim. 3. Obtaining the employee's written statement regarding the sick leave claim and duration. 4. Requiring the employee to obtain a physician's certificate or verification of the employee's illness, date(s) the employee was incapacitated, and the employee's ability to return to work, as specified above. 5. In absences of an extended nature, requiring the employee to obtain from their physician a statement of progress and anticipated date on which the employee will be able to return to work, as specified above. Department heads are responsible for establishing timekeeping procedures which will insure the submission of a time card covering each employee absence and for operating their respective offices in accordance with these policies and with clarifying regulations issued by the Office of the County Administrator. To help assure uniform policy application, the Director of Human Resources or designated management staff of the County Human Resources Department should be contacted with respect to sick leave determinations about which the department is in doubt.

  • Joint Responsibility If the Seller determines that the Interface Problem is attributable partially to the design of a Warranted Part and partially to the design of any Supplier Part, the Seller will, if so requested by the Buyer, seek a solution to the Interface Problem through cooperative efforts of the Seller and any Supplier involved. The Seller will promptly advise the Buyer of such corrective action as may be proposed by the Seller and any such Supplier. Such proposal will be consistent with any then existing obligations of the Seller hereunder and of any such Supplier towards the Buyer. Such corrective action, unless reasonably rejected by the Buyer, will constitute full satisfaction of any claim the Buyer may have against either the Seller or any such Supplier with respect to such Interface Problem.

  • Tenant Responsibility Good housekeeping is expected of everyone. Tenant agrees to keep quarters clean and in a sanitary condition. The Tenants agree not to permit any deterioration or destruction to occur while they are occupying the property.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!