Isolation of System or Device. A system or device, containing County CSP, compromised by an Incident and/or Breach involving an exploitation of a technical vulnerability, shall be promptly disconnected from CDSS’ production environment with access to only individuals who are participating in the investigation, mitigation, and remediation of the Incident and/or Breach. Such system or device shall remain disconnected from the production environment until the risk from the exploited vulnerability has been adequately mitigated. The County must be contacted prior to placing the previously compromised system or device, containing County CSP, back in the production environment. The affected system or device, containing County CSP, shall not be returned to operation in the production environment until the County Information Security and/or Privacy Officer gives its approval.
Appears in 8 contracts
Samples: Scope of Work, Scope of Work, Scope of Work
