Incident Response Program Sample Clauses

Incident Response Program. (i) Without limiting Section 5.2(a), EVERTEC represents and warrants to COMPANY and BPPR that it has implemented, and hereby undertakes to maintain and update, a comprehensive response program that includes processes and procedures (including notification procedures to Affected Persons) designed to address incidents of unauthorized access involving Personal Data in accordance with applicable Legal Requirements and Industry Standards.
AutoNDA by SimpleDocs
Incident Response Program. An incident response program that complies with Legal Requirements to address any actual or suspected information security incident (as defined in applicable Legal Requirements) involving unauthorized access to the parties’ physical or electronic systems that either compromises or could compromise sensitive information. A Security Incident includes but is not limited to physical trespass on a secure facility, computing systems intrusion/hacking, loss/theft of a PC (laptop or desktop), loss/theft of printed materials, etc. To the extent not prohibited by law or an enforcement agency, the party that becomes aware of the Security Incident will notify the other party in writing within 24 hours (or within the time required by law, whichever is sooner) following its discovery of any Security Incident that involves Subscriber’s customers’ consumer information. The party that originates the Security Incident will take all reasonable steps to immediately mitigate and/or remedy such Security Incident and prevent any further breach in accordance with applicable Legal Requirements. Any notification to the other party must include periodic meetings to discuss and report the available facts, the status of the investigation, the estimated effects on Subscriber’s customer’s, and, if applicable, the potential number of affected customers. The Parties agree to cooperate fully with each other on any investigation, corrective action and response or affected customers notice requirements. Except as strictly required by applicable law, Security Software Solutions will not communicate with any third party, including but not limited to the media, vendors, and affected customers, regarding the Security Incident, as it relates to Subscriber, without Subscriber’s express consent, The parties will mutually agree on the content of the communication, which will abide by Subscriber’s regulatory requirements. To the extent a party is the source of the Security Incident it shall assume the costs related to responding to, and mitigating damages caused by any Security Incident, including all regulatory fines and costs of investigation, notification and/or remediation. Such party shall also defend, indemnify and hold harmless Subscriber and its subsidiaries, affiliates, and respective officers, directors, employees, agents, successors and permitted assigns from and against all losses, damages, liabilities, deficiencies, actions, judgments, interest, awards, penalties, fines, costs or expense...
Incident Response Program. Combination of incident response policy, plan, and procedures.
Incident Response Program. As part of its security program, the security staff has established a computer security incident response program so Alert Logic can recognize, analyze, and handle information security incidents and threats. Incidents or events impacting Alert Logic are processed utilizing Incident Management and Handling processes which cover Alert Logic's computing, network, data, physical and human resources components of the system. The incident handling plan includes preparation, identification, containment, eradication, recovery and lessons learned phases. Incident handling plans, processes and procedures are reviewed and tested at least annually. ANNEX 4 Description of Processing Data subjects Data Exporter may submit Customer Data to the Services, the extent of which is determined and controlled by the Data Exporter in its sole discretion, and which may include, but is not limited to Customer Data relating to the following categories of data subjects: ▪ Customers, business partners, and vendors of the Data Exporter (who are natural persons) ▪ Employees or contact persons of Data Exporter customers, business partners, and vendors ▪ Employees, agents, advisors, contractors, or any user authorized by the Data Exporter to use the Service (who are natural persons) Categories of data Data Exporter may submit Customer Data, the extent of which is determined and controlled by the Data Exporter in its sole discretion, and which may include, but is not limited to the following categories of Customer Data: ▪ First and last name ▪ Business contact information (company, email, phone, physical business address) ▪ Personal contact information (email, cell phone) ▪ Title ▪ Position ▪ Employer ▪ ID data ▪ Professional life data ▪ Personal life data (in the form of security questions and answers) ▪ Connection data ▪ Localization data ▪ Network data (including source and destination IP addresses) ▪ Log data Processing operations / Purpose of processing The Customer Data transferred will be subject to the following basic processing activities (please specify):
Incident Response Program. Xxxxxxxxx maintains a written incident response program that addresses cybersecurity event preparation, detection, analysis, containment, eradication, and recovery. This program includes procedures that describe: (i) roles and responsibilities of the incident response team; (ii) communication requirements with internal and external partners; (iii) plans to detect, respond to, and contain common incident categories; (iv) methods to preserve evidence, maintain chain of custody, and perform forensic analysis; (v) coordination of recovery processes; (vi) follow-up processes; and (vii) reporting to ensure critical details of incidents are tracked and lessons learned are incorporated into ongoing response procedures, training, and testing. The incident response program includes coordinating incident handling activities involving supply chain events with other organizations involved in the supply chain. The incident response program is reviewed and updated at least annually.

Related to Incident Response Program

  • Client Responsibilities You are responsible for (a) assessing each participants’ suitability for the Training, (b) enrollment in the appropriate course(s) and (c) your participants’ attendance at scheduled courses.

  • Joint Responsibility If the Seller determines that the Interface Problem is attributable partially to the design of a Warranted Part and partially to the design of any Supplier Part, the Seller will, if so requested by the Buyer, seek a solution to the Interface Problem through cooperative efforts of the Seller and any Supplier involved. The Seller will promptly advise the Buyer of such corrective action as may be proposed by the Seller and any such Supplier. Such proposal will be consistent with any then existing obligations of the Seller hereunder and of any such Supplier towards the Buyer. Such corrective action, unless reasonably rejected by the Buyer, will constitute full satisfaction of any claim the Buyer may have against either the Seller or any such Supplier with respect to such Interface Problem.

  • Development Responsibilities Unless the Parties agree in writing upon an alternate allocation of responsibility, the Parties shall have the following rights and obligations with respect to operational responsibilities under each Development Plan:

  • Joint Responsibilities 2.1.1 University and Affiliate each will identify, and notify each other of, a person responsible for serving as its liaison during the course of this affiliation. The appointment of liaisons shall be subject to mutual approval of the parties.

  • Regulatory Responsibility The preparation, filing, prosecution and maintenance of INDs, BLAs and other regulatory filings required to be filed with any Regulatory Authority with regard to each Product will be in the name of and the responsibility of Alexion. Alexion shall own the Regulatory Approvals. The costs incurred by the Parties in the preparation, filing and submission of such regulatory filings will be deemed Development Expenses and subject to the terms of Section 3.6. Except as otherwise provided in an applicable Development Plan, Alexion shall oversee, monitor and coordinate all regulatory actions, communications and filings with and submissions, including filings and submissions of supplements and amendments thereto, to Regulatory Authorities with respect to each Product and shall give XOMA a reasonable opportunity for prior review of all such material communications, filings and submissions.

  • Scope of Responsibility Notwithstanding any provision to the contrary, the Escrow Agent is obligated only to perform the duties specifically set forth in this Escrow Agreement, which shall be deemed purely ministerial in nature. Under no circumstances will the Escrow Agent be deemed to be a fiduciary to any Party or any other person under this Escrow Agreement. The Escrow Agent will not be responsible or liable for the failure of any Party to perform in accordance with this Escrow Agreement. The Escrow Agent shall neither be responsible for, nor chargeable with, knowledge of the terms and conditions of any other agreement, instrument, or document other than this Escrow Agreement, whether or not an original or a copy of such agreement has been provided to the Escrow Agent; and the Escrow Agent shall have no duty to know or inquire as to the performance or nonperformance of any provision of any such agreement, instrument, or document. References in this Escrow Agreement to any other agreement, instrument, or document are for the convenience of the Parties, and the Escrow Agent has no duties or obligations with respect thereto. This Escrow Agreement sets forth all matters pertinent to the escrow contemplated hereunder, and no additional obligations of the Escrow Agent shall be inferred or implied from the terms of this Escrow Agreement or any other agreement.

  • Trust Responsibilities In connection with its use of AVA, the Trust, through its service providers, shall:

  • Timing of Response Intermediary agrees to execute instructions as soon as reasonably practicable, but not later than five business days after receipt of the instructions by the Intermediary.

  • Customer Responsibilities Customer shall:

  • Regulatory Responsibilities The Parties will share responsibility for leading regulatory matters relating to the SYNGAP1 Co-Co Products, as described in this Section 6.9 (each Party, when designated as provided herein to provide such leadership with respect to designated activities is the “Lead Regulatory Party” with respect to such activities). With respect to each SYNGAP1 Co-Co Product, Acadia shall (x) lead the overall strategy for obtaining Regulatory Approval of such SYNGAP1 Co-Co Product (including labeling for such SYNGAP1 Co-Co Product), including by selecting the jurisdictions within which XXXx will be pursued and Execution Version the timing and order in which such approvals will be sought (“Regulatory Strategy”), and will be the Lead Regulatory Party with respect to such strategic activities with respect to such SYNGAP1 Co-Co Product, (y) be the Lead Regulatory Party with respect to the submission of any MAA for such SYNGAP1 Co-Co Product, and (z) following the first Regulatory Approval of such SYNGAP1 Co-Co Product, be the Lead Regulatory Party in connection with such SYNGAP1 Co-Co Product and with respect to Commercialization and regulatory activities (including post-marketing studies). Subject to the foregoing, the JSC shall designate a Party to lead all other pre-Regulatory Approval regulatory matters relating to each SYNGAP1 Co-Co Product in accordance with the applicable SYNGAP1 Co-Development Plan (each Party in such capacity will be deemed the Lead Regulatory Party with respect to such activities). The Lead Regulatory Party shall be responsible for (i) filing for in its name, and owning, all Regulatory Materials relating to regulatory activities with respect to such SYNGAP1 Co-Co Product in the relevant country, (ii) overseeing, monitoring, and coordinating all regulatory actions, communications and filings with, and submissions to, each Regulatory Authority with respect to such activities; and (iii) interfacing, corresponding, and meeting with each Regulatory Authority with respect to such activities, in each case consistent with the Regulatory Strategy and applicable SYNGAP1 Co-Development Plan or SYNGAP1 Co-Commercialization Plan.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!