Supplier must. a. Establish an operational incident handling capability for information systems that includes reasonable preparation, detection, analysis, containment, recovery, and user response activities. b. Periodically, but no less than annually, test the incident handling capability. c. Track, document, and report incidents to appropriate Supplier personnel. d. Notify Verizon of any incident materially affecting systems supporting Verizon services or data, including, but not limited to, any loss, acquisition or use of Verizon Confidential Information without authorization, as follows: i. Supplier must provide notification via electronic mail to: XXXX@xxxxxxx.xxx as soon as practical, but no later than twenty-four (24) hours, following awareness of the security incident. ii. Upon Verizon request, Supplier must provide status updates of the incident mitigation to a point of contact designated by Verizon. iii. Supplier must cooperate with Verizon in its efforts to investigate any security incidents. iv. Upon Verizon request, Supplier must provide a written report which describes the incident, the actions taken by Supplier during the incident response and future actions to prevent a similar incident from reoccuring.
Appears in 4 contracts
Samples: Transfer and Servicing Agreement (Verizon Owner Trust 2020-C), Transfer and Servicing Agreement (Verizon Owner Trust 2020-C), Transfer and Servicing Agreement (Verizon Owner Trust 2020-B)
Supplier must. a. Establish an operational incident handling capability for information systems that includes reasonable preparation, detection, analysis, containment, recovery, and user response activities. b. Periodically, but no less than annually, test the incident handling capability. c. Track, document, and report incidents to appropriate Supplier personnel. d. Notify Verizon of any incident materially affecting systems supporting Verizon services or data, including, but not limited to, any loss, acquisition or use of Verizon Confidential Information without authorization, as follows: i. Supplier must provide notification via electronic mail to: XXXX@xxxxxxx.xxx as soon as practical, but no later than twenty-four (24) hours, following awareness of the security incident. ii. Upon Verizon request, Supplier must provide status updates of the incident mitigation to a point of contact designated by Verizon. iii. Supplier must cooperate with Verizon in its efforts to investigate any security incidents. iv. Upon Verizon request, Supplier must provide a written report which describes the incident, the actions taken by Supplier during the incident response and future actions to prevent a similar incident from reoccuring. 7.
Appears in 2 contracts
Samples: Transfer and Servicing Agreement (Verizon Owner Trust 2020-C), Transfer and Servicing Agreement (Verizon Owner Trust 2020-B)
