Common use of Security risk Clause in Contracts

Security risk. If a party becomes aware of or suspects a security risk, it needs to take the steps specified in this clause. If either party becomes aware or suspects that: (a) there is a material vulnerability in the Services; (b) any unauthorised person has obtained access to the technology systems or any Confidential Information of the other party or the Purchasing Agency Data; (c) any person has used any Confidential Information or Purchasing Agency Data for purposes not authorised or permitted by the Subscription Agreement; or (d) any other unauthorised access or other incident (including compromise or unauthorised exfiltration of Purchasing Agency Data) has occurred that threatens the security or integrity of the Services or any Confidential Information or Purchasing Agency Data, the following steps shall be taken, as applicable: (e) it will notify the other party as soon as possible; (f) where the incident concerns unauthorised access, promptly take such steps as are reasonably available to it to identify the person or persons who have gained access and, in your case, provide the Purchasing Agency with such information to assist with investigation of the incident as the Purchasing Agency reasonably requests; and (g) take all reasonable steps to stop such unauthorised access or incident and prevent its reoccurrence.

Security risk. If a party becomes aware of or suspects a security risk, it needs to take the steps specified in this clause. If either party becomes aware or suspects that: (a) there is a material vulnerability in the Services;` (b) any unauthorised person has obtained access to the technology systems or any Confidential Information of the other party or the Purchasing Agency Data;` (c) any person has used any Confidential Information or Purchasing Agency Data for purposes not authorised or permitted by the Subscription Agreement; ` or (d) any other unauthorised access or other incident (including compromise or unauthorised exfiltration of Purchasing Agency Data) has occurred that threatens the security or integrity of the Services or any Confidential Information or Purchasing Agency Data, the following steps shall be taken, as applicable: (e) it will notify the other party as soon as possible;` (f) where the incident concerns unauthorised access, promptly take such steps as are reasonably available to it to identify the person or persons who have gained access and, in your case, provide the Purchasing Agency with such information to assist with investigation of the incident as the Purchasing Agency reasonably requests; ` and (g) take all reasonable steps to stop such unauthorised access or incident and prevent its reoccurrence.