Investigations in Response to Actual or Suspected Breach Sample Clauses

Investigations in Response to Actual or Suspected Breach. Vendor and Vendor Contractors agree, at their sole expense, to take all steps necessary to promptly remedy any actual or suspected Security Breach and to fully cooperate with the applicable Governmental Entity and OCIO in resolving and mitigating any damage from such actual or suspected Security Breach at Vendor’s sole cost. At no additional cost to the applicable Governmental Entity or the State of Iowa, Vendor and Vendor Contractor will fully cooperate with the applicable Governmental Entity, OCIO, and the Authorized Contractors of either of the foregoing in investigating such actual or suspected Security Breach, including reviewing and assisting in reviewing system, application, and access logs, conducting and assisting in conducting forensic audits of relevant systems, imaging and assisting in imaging relevant media, and making personnel available for interview. On notice of any actual or suspected Security Breach, Vendor and Vendor Contractor will immediately institute appropriate controls to maintain and preserve all electronic evidence relating to such actual or suspected Security Breach in accordance with industry best practices. Vendor and Vendor Contractor will deliver to the applicable Governmental Entity and OCIO a root cause assessment and future incident mitigation plan, and deliver a preliminary assessment and plan as soon as practical and regularly maintain and update such assessment and plan throughout the course of any investigation. Vendor agrees that it will not notify any regulatory authority relating to any actual or suspected Security Breach unless the applicable Governmental Entity specifically requests Vendor do so in writing.

Investigations in Response to Actual or Suspected Breach. The CSP and CSP Contractors agree, at their sole expense, to take all steps necessary to promptly remedy any actual or suspected Security Breach and to fully cooperate with the Governmental Entity and OCIO in resolving and mitigating any damage from such actual or suspected Security Breach at the CSP’s sole cost. At no additional cost to the Governmental Entity or the State of Iowa, the CSP and CSP Contractor will fully cooperate with the Governmental Entity, OCIO, and the Authorized Contractors of either of the foregoing in investigating such actual or suspected Security Breach, including reviewing and assisting in reviewing system, application, and access logs, conducting and assisting in conducting forensic audits of relevant systems, imaging and assisting in imaging relevant media, and making personnel available for interview. On notice of any actual or suspected Security Breach, the CSP and CSP Contractor will immediately institute appropriate controls to maintain and preserve all electronic evidence relating to such actual or suspected Security Breach in accordance with industry best practices. The CSP and CSP Contractor will deliver to the Governmental Entity and OCIO a root cause assessment and future incident mitigation plan, and deliver a preliminary assessment and plan as soon as practical and regularly maintain and update such assessment and plan throughout the course of any investigation. The CSP agrees that it will not notify any regulatory authority relating to any actual or suspected Security Breach unless the Governmental Entity specifically requests the CSP do so in writing.