Incident Response Program Sample Clauses
The Incident Response Program clause establishes the requirement for an organization to maintain a structured plan for detecting, responding to, and recovering from security incidents. Typically, this clause outlines the procedures for identifying breaches, notifying affected parties, and documenting the response steps taken, often specifying timelines and responsible personnel. Its core function is to ensure a prompt and coordinated reaction to security threats, thereby minimizing potential damage and ensuring compliance with legal or contractual obligations.
Incident Response Program. An incident response program that complies with Legal Requirements to address any actual or suspected information security incident (as defined in applicable Legal Requirements) involving unauthorized access to the parties’ physical or electronic systems that either compromises or could compromise sensitive information. A Security Incident includes but is not limited to physical trespass on a secure facility, computing systems intrusion/hacking, loss/theft of a PC (laptop or desktop), loss/theft of printed materials, etc. To the extent not prohibited by law or an enforcement agency, the party that becomes aware of the Security Incident will notify the other party in writing within 24 hours (or within the time required by law, whichever is sooner) following its discovery of any Security Incident that involves Subscriber’s customers’ consumer information. The party that originates the Security Incident will take all reasonable steps to immediately mitigate and/or remedy such Security Incident and prevent any further breach in accordance with applicable Legal Requirements. Any notification to the other party must include periodic meetings to discuss and report the available facts, the status of the investigation, the estimated effects on Subscriber’s customers, and, if applicable, the potential number of affected customers. The Parties agree to cooperate fully with each other on any investigation, corrective action and response or affected customers notice requirements. Except as strictly required by applicable law, Security Software Solutions will not communicate with any third party, including but not limited to the media, vendors, and affected customers, regarding the Security Incident, as it relates to Subscriber, without Subscriber’s express consent. The parties will mutually agree on the content of the communication, which will abide by Subscriber’s regulatory requirements.
To the extent a party is the source of the Security Incident it shall assume the costs related to responding to, and mitigating damages caused by any Security Incident, including all regulatory fines and costs of investigation, notification and/or remediation. Such party shall also defend, indemnify and hold harmless Subscriber and its subsidiaries, affiliates, and respective officers, directors, employees, agents, successors and permitted assigns from and against all losses, damages, liabilities, deficiencies, actions, judgments, interest, awards, penalties, fines, costs or expense...
Incident Response Program. (a) EVERTEC represents and warrants to BPPR that it has implemented, and hereby undertakes to maintain and update, a comprehensive response program that includes processes and procedures (including notification procedures to Affected Persons) designed to address incidents of unauthorized access involving BPPR Data or Cardholder information in accordance with applicable Legal Requirements and Industry Standards.
(b) If EVERTEC becomes aware of an Incident, to the extent it is not prohibited by applicable Legal Requirements, EVERTEC agrees to:
(i) notify BPPR as soon as practicable, and in any event within twenty-four (24) hours, following EVERTEC’s becoming aware of an Incident. The initial notification must be made to the BPPR Chief Information Security Officer, and must include based on then-available information: (i) the available facts; (ii) the status and results of the investigation including identifying the sources and underlying causes of the Incident; (iii) the estimated effects on BPPR, BPPR Data or Cardholder information and the ability of EVERTEC to perform its obligations under this Agreement; (iv) the steps already taken to mitigate, remedy and contain the Incident; (v) if applicable, the potential number of affected Merchants, Government-Merchants, customers, consumers, and/or employees affected (collectively “Affected Persons”); and (vi) the name and contact information of EVERTEC’s representative who will serve as BPPR’s primary contact;
(ii) provide BPPR with prompt updates to any information referenced in clause (i) above;
(iii) take all reasonable steps, at EVERTEC’s sole cost and expense (unless such Incident was caused by BPPR or any of its subsidiaries or any contractor or subcontractor thereof), in accordance with its Data Protection Program and Incident Response Program to immediately mitigate and/or remedy, at EVERTEC’s expense, such Incident and contain its further occurrence;
(iv) reasonably coordinate and cooperate with BPPR representatives in any required investigation and provide periodic updates regarding the Incident, including: (i) providing access to the affected facilities and affected operations as necessary for the BPPR or its auditors to conduct investigations required to be conducted by BPPR by Legal Requirements and applicable Rules (provided that BPPR shall reimburse EVERTEC for any losses incurred by EVERTEC in connection with any unauthorized access or intrusion to EVERTEC’s Systems, or any Disabling Device introd...
Incident Response Program. ▇▇▇▇▇▇▇▇▇ maintains a written incident response program that addresses cybersecurity event preparation, detection, analysis, containment, eradication, and recovery. This program includes procedures that describe: (i) roles and responsibilities of the incident response team; (ii) communication requirements with internal and external partners; (iii) plans to detect, respond to, and contain common incident categories; (iv) methods to preserve evidence, maintain chain of custody, and perform forensic analysis; (v) coordination of recovery processes; (vi) follow-up processes; and (vii) reporting to ensure critical details of incidents are tracked and lessons learned are incorporated into ongoing response procedures, training, and testing. The incident response program includes coordinating incident handling activities involving supply chain events with other organizations involved in the supply chain. The incident response program is reviewed and updated at least annually.
Incident Response Program. Combination of incident response policy, plan, and procedures.
Incident Response Program. As part of its security program, the security staff has established a computer security incident response program so Alert Logic can recognize, analyze, and handle information security incidents and threats. Incidents or events impacting Alert Logic are processed utilizing Incident Management and Handling processes which cover Alert Logic's computing, network, data, physical and human resources components of the system. The incident handling plan includes preparation, identification, containment, eradication, recovery and lessons learned phases. Incident handling plans, processes and procedures are reviewed and tested at least annually.
Incident Response Program. Supplier will maintain an incident response program, which will be managed and run by a dedicated incident response team. The Supplier’s incident response program must follow documented incident management policies and procedures to ensure timely detection, investigation, evidence preservation, notification, and remediation of any Security Incidents. Supplier’s incident response program will include, at a minimum: initial detection; initial tactical response; initial briefing; incident briefing; refined response; communication and message; formal containment, eradication, and recovery; formal incident report; and postmortem/trend analysis.
