Common use of Investigations in Response to Actual or Suspected Breach Clause in Contracts

Investigations in Response to Actual or Suspected Breach. Vendor and Vendor Contractors agree, at their sole expense, to take all steps necessary to promptly remedy any actual or suspected Security Breach and to fully cooperate with the applicable Governmental Entity and OCIO in resolving and mitigating any damage from such actual or suspected Security Breach at Vendor’s sole cost. At no additional cost to the applicable Governmental Entity or the State of Iowa, Vendor and Vendor Contractor will fully cooperate with the applicable Governmental Entity, OCIO, and the Authorized Contractors of either of the foregoing in investigating such actual or suspected Security Breach, including reviewing and assisting in reviewing system, application, and access logs, conducting and assisting in conducting forensic audits of relevant systems, imaging and assisting in imaging relevant media, and making personnel available for interview. On notice of any actual or suspected Security Breach, Vendor and Vendor Contractor will immediately institute appropriate controls to maintain and preserve all electronic evidence relating to such actual or suspected Security Breach in accordance with industry best practices. Vendor and Vendor Contractor will deliver to the applicable Governmental Entity and OCIO a root cause assessment and future incident mitigation plan, and deliver a preliminary assessment and plan as soon as practical and regularly maintain and update such assessment and plan throughout the course of any investigation. Vendor agrees that it will not notify any regulatory authority relating to any actual or suspected Security Breach unless the applicable Governmental Entity specifically requests Vendor do so in writing.

Investigations in Response to Actual or Suspected Breach. Vendor and Vendor Contractors agree, at their sole expense, to take all steps necessary to promptly remedy any actual or suspected Security Breach and to fully cooperate with the applicable Governmental Entity and OCIO DOE in resolving and mitigating any damage from such actual or suspected Security Breach at Vendor’s sole cost. At no additional cost to the applicable Governmental Entity DOE or the State of Iowa, Vendor and Vendor Contractor will fully cooperate with the applicable Governmental Entity, OCIO, DOE and the its Authorized Contractors of either of the foregoing in investigating such actual or suspected Security Breach, including reviewing and assisting in reviewing system, application, and access logs, conducting and assisting in conducting forensic audits of relevant systems, imaging and assisting in imaging relevant media, and making personnel available for interview. On notice of any actual or suspected Security Breach, Vendor and Vendor Contractor will immediately institute appropriate controls to maintain and preserve all electronic evidence relating to such actual or suspected Security Breach in accordance with industry best practices. Vendor and Vendor Contractor will deliver to the applicable Governmental Entity and OCIO DOE a root cause assessment and future incident mitigation plan, and deliver a preliminary assessment and plan as soon as practical and regularly maintain and update such assessment and plan throughout the course of any investigation. Vendor agrees that it will not notify any regulatory authority relating to any actual or suspected Security Breach unless the applicable Governmental Entity DOE specifically requests Vendor do so in writing.

Investigations in Response to Actual or Suspected Breach. Vendor and Vendor Contractors agreeagrees, at their its sole expense, to take all steps necessary to promptly remedy any actual or suspected Security Breach and to fully cooperate with the applicable Governmental Entity and OCIO in resolving and mitigating any damage from such actual or suspected Security Breach at Vendor’s sole cost. At no additional cost to the applicable Governmental Entity or the State of Iowa, Vendor and Vendor Contractor will fully cooperate with the applicable Governmental Entity, OCIO, and the Authorized Contractors of either of the foregoing in investigating such actual or suspected Security Breach, including reviewing and assisting in reviewing system, application, and access logs, conducting and assisting in conducting forensic audits of relevant systems, imaging and assisting in imaging relevant media, and making personnel available for interview. On notice of any actual or suspected Security Breach, Vendor and Vendor Contractor will immediately institute appropriate controls to maintain and preserve all electronic evidence relating to such actual or suspected Security Breach in accordance with industry best practices. Vendor and Vendor Contractor will deliver to the applicable Governmental Entity and OCIO a root cause assessment and future incident mitigation plan, and deliver a preliminary assessment and plan as soon as practical and regularly maintain and update such assessment and plan throughout the course of any investigation. Vendor agrees that it will not notify any regulatory authority relating to any actual or suspected Security Breach unless the applicable Governmental Entity specifically requests in writing Vendor do so in writingso.

Investigations in Response to Actual or Suspected Breach. Vendor and Vendor Contractors agree, at their sole expense, to take all steps necessary to promptly remedy any actual or suspected Security Breach and to fully cooperate with the applicable State or Governmental Entity and OCIO in resolving and mitigating any damage from such actual or suspected Security Breach at Vendor’s sole cost. At no additional cost to the applicable State or Governmental Entity or the State of IowaEntity, Vendor and Vendor Contractor will fully cooperate with the applicable State or Governmental Entity, OCIO, Entity and the its Authorized Contractors of either of the foregoing in investigating such actual or suspected Security Breach, including reviewing and assisting in reviewing system, application, and access logs, conducting and assisting in conducting forensic audits of relevant systems, imaging and assisting in imaging relevant media, and making personnel available for interview. On notice of any actual or suspected Security Breach, Vendor and Vendor Contractor will immediately institute appropriate controls to maintain and preserve all electronic evidence relating to such actual or suspected Security Breach in accordance with industry best practices. Vendor and Vendor Contractor will deliver to the applicable State or Governmental Entity and OCIO a root cause assessment and future incident mitigation plan, and deliver a preliminary assessment and plan as soon as practical and regularly maintain and update such assessment and plan throughout the course of any investigation. Vendor agrees that it will not notify any regulatory authority relating to any actual or suspected Security Breach unless the applicable State or Governmental Entity specifically requests Vendor do so in writing.

Investigations in Response to Actual or Suspected Breach. Vendor and Vendor Contractors agree, at their sole expense, to take all steps necessary to promptly remedy any actual or reasonably suspected Security Breach in Vendor owned equipment computers, storage devices, or systems, and to fully cooperate with the applicable Governmental Entity and OCIO in resolving and mitigating any damage from such actual or suspected Security Breach at Vendor’s sole cost. At no additional cost to the applicable Governmental Entity or the State of Iowa, Vendor and Vendor Contractor will fully cooperate with the applicable Governmental Entity, OCIO, Entity and the its Authorized Contractors of either of the foregoing in investigating such actual or suspected Security Breach, including reviewing and assisting in reviewing system, application, and access logs, conducting and assisting in conducting forensic audits of relevant systems, imaging and assisting in imaging relevant media, and making personnel available for interview. On notice of any actual or suspected Security Breach, Vendor and Vendor Contractor will immediately institute appropriate controls to maintain and preserve all electronic evidence relating to such actual or suspected Security Breach in accordance with industry best practices. Vendor and Vendor Contractor will deliver to the applicable Governmental Entity and OCIO a root cause assessment and future incident mitigation plan, plan and deliver a preliminary assessment and plan as soon as practical and regularly maintain and update such assessment and plan throughout the course of any investigation. Vendor agrees that it will not notify any regulatory authority relating to any actual or suspected Security Breach unless the applicable Governmental Entity specifically requests Vendor do so in writing.

Investigations in Response to Actual or Suspected Breach. Vendor and Vendor Contractors agreeagrees, at their its sole expense, to take all steps necessary to promptly remedy any actual or suspected Security Breach and to fully cooperate with the applicable Governmental Entity and OCIO in resolving and mitigating any damage from such actual or suspected Security Breach at Vendor’s sole cost. At no additional cost to the applicable Governmental Entity or the State of Iowa, Vendor and Vendor Contractor will fully cooperate with the applicable Governmental Entity, OCIO, and the Authorized Contractors of either of the foregoing in investigating such actual or suspected Security Breach, including reviewing and assisting in reviewing system, application, and access logs, conducting and assisting in conducting forensic audits of relevant systems, imaging and assisting in imaging relevant media, and making personnel available for interview. On notice of any actual or suspected Security Breach, Vendor and Vendor Contractor will immediately institute appropriate controls to maintain and preserve all electronic evidence relating to such actual or suspected Security Breach in accordance with industry best practices. Vendor and Vendor Contractor will deliver to the applicable Governmental Entity and OCIO a root cause assessment and future incident mitigation plan, and deliver a preliminary assessment and plan as soon as practical and regularly maintain and update such assessment and plan throughout the course of any investigation. Vendor agrees that it will not notify any regulatory authority relating to any actual or suspected Security Breach unless required by law (or pursuant to advice of counsel) or the applicable Governmental Entity specifically requests in writing Vendor do so in writingso.

Investigations in Response to Actual or Suspected Breach. Vendor and Vendor Contractors agree, at their sole expense, to take all steps necessary to promptly remedy any actual or suspected Security Breach Breach, caused in whole or in part by an act or omission of Vendor, Vendor Contractors, or Vendor Personnel, and to fully cooperate with the applicable Governmental Entity and OCIO in resolving and mitigating any damage from such actual or suspected Security Breach Breach, caused in whole or in part by an act or omission of Vendor, Vendor Contractors, or Vendor Personnel, at Vendor’s sole cost. At no additional cost to the applicable Governmental Entity or the State of Iowa, Vendor and Vendor Contractor will fully cooperate with the applicable Governmental Entity, OCIO, and the Authorized Contractors of either of the foregoing in investigating such actual or suspected Security Breach, including reviewing and assisting in reviewing system, application, and access logs, conducting and assisting in conducting forensic audits of relevant systems, imaging and assisting in imaging relevant media, and making personnel available for interview. On notice of any actual or suspected Security Breach, Vendor and Vendor Contractor will immediately institute appropriate controls to maintain and preserve all electronic evidence relating to such actual or suspected Security Breach in accordance with industry best practices. Vendor and Vendor Contractor will deliver to the applicable Governmental Entity and OCIO a root cause assessment and future incident mitigation plan, and deliver a preliminary assessment and plan as soon as practical and regularly maintain and update such assessment and plan throughout the course of any investigation. Vendor agrees that it will not notify any regulatory authority relating to any actual or suspected Security Breach unless the applicable Governmental Entity specifically requests Vendor do so in writing.

Investigations in Response to Actual or Suspected Breach. Vendor The CSP and Vendor CSP Contractors agree, at their sole expense, to take all steps necessary to promptly remedy any actual or suspected Security Breach and to fully cooperate with the applicable Governmental Entity and OCIO in resolving and mitigating any damage from such actual or suspected Security Breach at Vendorthe CSP’s sole cost. At no additional cost to the applicable Governmental Entity or the State of Iowa, Vendor the CSP and Vendor CSP Contractor will fully cooperate with the applicable Governmental Entity, OCIO, and the Authorized Contractors of either of the foregoing in investigating such actual or suspected Security Breach, including reviewing and assisting in reviewing system, application, and access logs, conducting and assisting in conducting forensic audits of relevant systems, imaging and assisting in imaging relevant media, and making personnel available for interview. On notice of any actual or suspected Security Breach, Vendor the CSP and Vendor CSP Contractor will immediately institute appropriate controls to maintain and preserve all electronic evidence relating to such actual or suspected Security Breach in accordance with industry best practices. Vendor The CSP and Vendor CSP Contractor will deliver to the applicable Governmental Entity and OCIO a root cause assessment and future incident mitigation plan, and deliver a preliminary assessment and plan as soon as practical and regularly maintain and update such assessment and plan throughout the course of any investigation. Vendor The CSP agrees that it will not notify any regulatory authority relating to any actual or suspected Security Breach unless the applicable Governmental Entity specifically requests Vendor the CSP do so in writing.