THIS PAGE NOT FOR RELEASE TO CUSTOMER
|
|
- Griselda Silvia Moody
- 8 years ago
- Views:
Transcription
1 Guidance for Use of This Document THIS PAGE NOT FOR RELEASE TO CUSTOMER Use this Guidance page to determine if this SOW fits your Customer's needs. Discard it prior to presenting the SOW to your Customer. Overview: Specific instructions and suggestions pertaining to each section are contained in NOTE(s) TO CONTRACT PREPARER. These instructions and suggestions are intended to remain in the document when you make it available for use in your country. Please note these documents may have different names in different countries. All NOTE(s) TO CONTRACT PREPARER must be read, followed, and then deleted prior to presenting the document to the Customer. Contract Structure: The attached SOW can be used between IBM and the Customer (Direct Relationship or Complementary (also known as lead pass or closed contract )). When to Use: a. This SOW is intended for use only to support transactions in which a Customer has locations within the same country where the contract originates. b. In the case of an opportunity where a Customer has additional locations outside of the country where the contract originates and globally wants a single set of terms and conditions for services in such global locations within that Customer s Enterprise. A separate Local Transaction Document (LTD) must be created for each country and must be signed by the local Customer company and the local IBM Company listed in the Schedule to this SOW. Change Authorisations may be created to amend the terms of this SOW in a particular country. Like LTDs, Change Authorisations must be signed by the local Customer company and the local IBM Company listed in the Schedule to this SOW. Candidates for this SOW must meet the following criteria: 1. The Customer has an executed IBM International Customer Agreement (IICA) in place and on file. The IICA establishes, with a Customer choosing to do business in more than one country, the ongoing relationship terms under which IBM and the Customer will do business in each of those countries. The IICA contains terms for all machines, programs and services which IBM markets. The Acceptance Transaction Document (ATD), which is part of the IICA, must be signed anytime a new country requiring support will be added to the relationship. Applicable International Contracting Business Processes: The Lead Country Opportunity Owner ( OO )/Global Bid Manager ( GBM ) who has a qualified opportunity for standard services notifies International Customer Fulfillment ( ICF ) and pulls this SOW, along with the Local Transaction Document ( LTD ) template from the Standard Contracts and SOW Templates database. ICF or the OO must communicate with all participating countries. A LTD is prepared for each of the participating countries with contact and applicable country unique terms included. The OO/GBM engages the Global Contract Office ( GCO ) for pricing via ebid submission and sends them the SOW and LTD, along with inventory information. The GCO develops the pricing release letter and copies Legal and QA. Please ensure that both the subscription services charges and term are reflective of the rates and term specified in the Price Release Letter. Participating country Services and QA groups confirm delivery capability if not available in the WW Capabilities database. The OO/GBM manually builds the contract package for the customer's signature. The OO/GBM validates there is a current IICA or equivalent agreement executed, completes the SOW with Customer information, completes a LTD template and obtains service delivery information. (Note: Service delivery information may be specified in a separate document that must be attached to the LTD in order to complete contract package.) The OO/GBM CANNOT USE any local tool-generated LTDs or schedules. The LTD must be built manually, reference the SOW and contain the proper country unique terms and inventory information.) The LTD MUST be SIGNED! Administrative Considerations: The signed SOW must be placed into the ifacts database and signed LTDs into ADIAR, or send to Global ICF. Send to local CSO for manual contract registration and inventory registration in local tools. Additional International Information: For detailed information about international contracting, see International Transactions on the Legal Information Systems site Transactions INTC Page 1 of 14
2 The contract structure supported by this SOW and its applicable Schedule is outlined in the following table. Contract Structure Document Name: Document Type: Between Direct Relationship IBM Customer Agreement ( ICA ) or equivalent Governing IBM and Customer. Form: ICA12-1INT Agreement for Exchange of Confidential Information ( AECI ): Form: INTC-4322 Governing document IBM and Customer Statement of Work ( SOW ) for Cybersecurity Assessment and Response Services - Emergency Response Services Subscription Form: INTC Schedule for Cybersecurity Assessment and Response Services - Emergency Response Services Subscription Form: INTC (Direct) Applicable Business Processes: Standard SOW Incorporated by reference into the applicable Schedule Signature not required Schedule to the standard SOW Incorporates ICA, AECI, and SOW by reference Signature required by both parties IBM and Customer IBM and Customer All existing business processes remain unchanged (WWQA/MD, Quality Assurance, Pricing, etc.). This means all contracts created using this SOW must be Priced and Quality Assured in accordance with the current guidelines. Although the language contained within each module has been previously reviewed by QA, an overall QA review of the specific terms you select for this transaction must be performed. The current versions of the appropriate governing documents are incorporated by reference into each transaction. Such incorporation is stated in the applicable Schedule. In addition, it is critical that IDs and Work Numbers are in place prior to commencement of Services. End of Guidance INTC Page 2 of 14
3 IBM AUSTRALIA LIMITED ABN: Level 13, IBM Centre, 601 Pacific Highway, St Leonards, NSW 2065 Statement of Work for Services IBM Cybersecurity Assessment and Response Services Emergency Response Services Subscription This Statement of Work ( SOW ) is between the Customer (also called you and your ) and the IBM legal entity ( IBM ) specified in the Schedule for IBM Cybersecurity Assessment and Response Services Emergency Response Services Subscription ( Schedule ). 1. Scope of Work The IBM Cybersecurity Assessment and Response Services - Emergency Response Services Subscription (called Services ) are designed to provide resources to assist you with computer security incidents or assist with emergency response preparation. IBM will provide resources to assist you in preparing for, managing, and responding to computer security incidents, including steps for analysis, intelligence gathering, containment, eradication, recovery, and prevention. IBM will use existing, commercially available tools, as well as IBM proprietary tools, to perform the Services. Such tools and their associated documentation remain the property of IBM or third parties. The details of the Services are specified in the Schedule. 2. Definitions 3. Services Purchased Subscription Hours Number of Emergency Incident Support or consulting hours included annually for the contract term. Emergency Incident Declaration (EIR) a request for assistant responding to a computer security incident CSIRP Computer Security Incident Response Plan. CSIRT Computer Security Incident Response Team. Alert Condition ( AlertCon ) a global risk metric developed by IBM, using proprietary methods. AlertCon is based on a variety of factors, including quantity and severity of known vulnerabilities, exploits for such vulnerabilities, the availability of such exploits to the public, mass-propagating worm activity, and global threat activity. Education Materials include, but are not limited to, lab manuals, instructor notes, literature, methodologies, electronic course and case study images, policies and procedures, and all other training-related property created by IBM. Where applicable, Education Materials may include participant manuals, exercise documents, lab documents and presentation slides provided by IBM. 3.1 Services Coordination IBM Services Coordination Responsibilities IBM will provide an IBM Services specialist who will be IBM s focal point during performance of the Services. The IBM Services specialist will: a. review the SOW, and any associated documents, with your Point of Contact; b. establish and maintain communications through your Point of Contact, as defined in the section entitled Your Point of Contact Responsibilities below; c. review and administer a Project Change Control Procedure with your Point of Contact, as defined in the applicable Schedule; and INTC Page 3 of 14
4 d. coordinate and manage the technical activities of IBM s assigned personnel. Completion Criteria: This is an ongoing activity that will be considered complete at the end of the Services. Deliverable Materials: None Your Point of Contact Responsibilities Prior to the start of the Services, you will designate a person ("your Point of Contact"), to whom all communications relative to the Services will be addressed and who will have the authority to act on your behalf in all matters regarding this SOW. Your Point of Contact will: a. serve as the interface between IBM s project team and all of your departments participating in the Services; b. obtain and provide applicable information, data, consents, decisions and approvals as required by IBM to perform the Services, within two business days of IBM s request; and c. help resolve Services issues, and escalate issues within your organisation, as necessary Your General Responsibilities IBM's performance is dependent upon your management and fulfillment of your responsibilities under this SOW and the Agreement specified in the Schedule ( Agreement ), at no charge to IBM. You agree to: a. make appropriate personnel available to assist IBM in the performance of IBM s responsibilities; b. provide safe access, suitable office space, supplies, furniture, high speed connectivity to the Internet, and other facilities for IBM s personnel while working at Customer s location; c. ensure that current maintenance and license agreements are in place with applicable vendors for those products and services upon which IBM is relying to provide the Services described herein; NOTE TO CONTRACT PREPARER: If the Customer objects to the inclusion of the following item (i.e., being used as a reference), you may delete this item. d. allow IBM to cite your company name and the general nature of the Services IBM performed for you to IBM s other customers and other prospective customers; NOTE TO CONTRACT PREPARER: Delete the following item if the IBM Customer Agreement, or any equivalent agreement, is already in effect with your customer and contains these terms. e. agree that IBM may process the business contact information of your employees and contractors and information about your company as a legal entity (contact information) in connection with IBM Products and Services or in furtherance of IBM s business relationship with you. This contact information can be stored, disclosed internally and processed by International Business Machines Corporation and its subsidiaries, Business Partners and subcontractors wherever they do business, solely for the purpose described above provided that these companies comply with applicable data privacy laws related to this processing. Where required by applicable law, you have notified and obtained the consent of the individuals whose contact information may be stored, disclosed internally and processed and will forward their requests to access, update, correct or delete their contact information to IBM who will then comply with those requests; f. acknowledge and agree that IBM does not provide legal services or represent or warrant that the services or products IBM provides or obtains on your behalf will ensure your compliance with any particular law, including but not limited to any law relating to safety, security or privacy; NOTE TO CONTRACT PREPARER: The following term relates to Data Privacy and Personal Information. The Customer knows its data better than IBM does, therefore Customer is responsible for knowing what laws apply to its data, including any laws or regulations regarding transfer of data outside of the originating country. Data Privacy is concerned with information that relates directly or indirectly to individuals ' but may in some countries include data about legal entities. Examples include information about the Customers, the Customer's employees and the Customers of the Customer. You should also consider information about IBM employees, IBM subcontractors and vendors. IBM is concerned about the collection, use, storage, disclosure, and processing of information about individuals. INTC Page 4 of 14
5 Personal Information is any information that identifies (or can reasonably be used to identify), contact, or locate the individual to whom such information pertains. Typical examples of such information include an individual's name in conjunction with his or her home or business address, telephone number, address, or other data elements that reflect the individual's physical, social or financial characteristics. g. obtain any necessary consents and take any other actions required by applicable laws, including but not limited to data privacy laws, prior to disclosing any of your employee information to IBM. You also agree that with respect to data that is transferred or hosted outside of the country or countries specified in the Schedules, you are responsible for ensuring that all such data transmitted outside of the country or countries specified in the Schedules adheres to the laws and regulations governing such data; h. be responsible as sole Data Controller for complying with all applicable data protection or similar laws regulating the processing of any Personal Data (as such terms are defined in Directive 95/46/EC) provided by or through you to IBM. IBM will only process such Personal Data in a manner which is reasonably necessary to provide the Services and only for that purpose. IBM will follow your reasonable processing instructions with respect to the Personal Data and IBM will use its reasonable endeavors to apply the security measures as set forth in this SOW and the Agreement or as notified to IBM in writing in advance. You are responsible for determining that these measures provide an appropriate level of protection. IBM, in providing the Services, may transfer your data, including Personal Data, across a country border, including outside the European Economic Area ( EEA ), if IBM reasonably considers such transfer appropriate or useful for IBM's performance of the Services and reasonably cooperates with you to meet legal requirements. You are solely responsible for determining that any transfer by you or IBM of your data, including Personal Data, across a country border under the SOW and the Agreement complies with the applicable data protection laws; i. before making available any facilities, software, hardware or other resources, obtain any licenses or approvals related to these resources that may be necessary for IBM and its subcontractors to perform the Services and develop Materials. IBM will be relieved of its obligations that are adversely affected by your failure to promptly obtain such licenses or approvals. You agree to reimburse IBM for any reasonable costs and other amounts, including costs of litigation and settlements, that IBM may incur from your failure to obtain these licenses or approvals; j. be responsible for the content of any database, the selection and implementation of controls on its access and use, backup and recovery, and the security of the stored data. This security will also include any procedures necessary to safeguard the integrity and security of software and data used in the Services from access by unauthorised personnel; be responsible for the identification of interpretation of, and compliance with, any applicable laws, regulations, and statutes that affect your existing systems, applications, programs, or data to which IBM will have access during the Services, including applicable data privacy, export, and import laws and regulations. It is your responsibility to ensure the systems, applications, programs, and data meet the requirements of those laws, regulations and statutes; k. be responsible for providing and paying for Internet access service or telecommunications transport circuits; and l. be responsible for your own network security policy and security violation response procedures Mutual Responsibilities Each of us will comply with applicable export and import laws and regulations, including those of the country or countries specified in the Schedules that prohibit or limit export for certain uses or to certain end users. Each of us will cooperate with the other by providing all necessary information to the other, as needed for compliance. Each of us will provide the other with advance written notice prior to providing the other party with access to data requiring an export license. 3.2 Emergency Response Services IBM Emergency Response Services Responsibilities Activity 1 - Project Initiation The purpose of this activity is to review the processes for making a declaration for a computer security incident that presents a real or a possible threat to your computer system and network environment ( Emergency Incident Declaration ), and to validate the schedule (see Estimated Schedule section). INTC Page 5 of 14
6 Task 1 - Conduct a Project Kickoff Workshop IBM will facilitate an on-site or remote project initiation workshop, for up to one day (eight hours), on a mutually agreed date and time. a. introduce the personnel to be providing the Services; b. confirm your locations to be included in the Services; c. define the process for making an Emergency Incident Declaration, including establishing the designated telephone number(s) and address(es); d. review processes for responding to an Emergency Incident Declaration and for exchanging security incident data in a secure manner; e. discuss preemptive incident preparation tasks, listed in Preemptive Incident Preparation, you can elect to perform using Purchased Subscription Hours; f. mutually agree to preemptive incident preparation tasks listed in Preemptive Incident Preparation, and the allocation of hours to each for the contract term; g. develop a Service Calendar outlining regular checkpoint schedules, and selected preemptive incident preparation tasks; and h. discuss Additional emergency incident hourly support if required to conduct your selected preemptive incident preparation tasks. Completion Criteria: This activity will be considered complete when the project kickoff workshop has been conducted and the Service Calendar delivered. Deliverable Materials: Service Calendar Activity 2 - Preemptive Incident Preparation Utilising Purchased Subscription Hours, IBM will perform preemptive incident preparation tasks as mutually agreed. Exact scope will be determined and mutually agreed upon prior to starting each task. Additional hours may be purchased at the Usage charge rate listed in the Schedule. Task 1 - Active Threat Assessment (1) discuss the current threat and risk level of your enterprise; (2) perform tool-based analysis through active scanning or passive monitoring to attempt to discover any potential malware or botnet activities in the selected environment; (3) identify and document security exposures that may be internally or externally exploitable based on scan; (4) assess the vulnerability of critical external facing assets by conducting network technical testing across Customer-specified Internet-facing IP network addresses; (5) attempt to exploit key identified vulnerabilities and target specific systems and attempt to gain direct access to confidential data and administrator or elevated access privileges on vulnerable systems; (6) attempt to compromise internal networks and systems by leveraging limited external access; (7) demonstrate specific or systematic security weaknesses, if present; and (8) as applicable, analyse and document its findings and recommendations to be included in the Active Threat Assessment Report. Task 2 - Computer Security Incident Response Plan (CSIRP) Gap Assessment (1) discuss the business units and processes in your enterprise with which your current computer security incident response plan interfaces; INTC Page 6 of 14
7 (2) review how the current computer security incident process impacts these business units and processes; (3) review the current computer security incident response team, including its roles, responsibilities, organisation, and reporting hierarchy; (4) review the current computer security incident response plan for your enterprise, if available, and identify potential issues in a CSIRP gap assessment report; (5) conduct interviews, via conference call, with key CSIRP participants such as I/T system administration, I/T network administration, I/T security, corporate security, business continuity, legal, human resources, and public relations; (6) document findings and recommendations in a CSIRP gap assessment report; and (7) discuss findings, for up to two hours, via conference call with your computer security incident response team. Task 3 - Incident Response Training and Incident Simulation (1) conduct a workshop for up to eight hours to provide first responder training, for up to 12 attendees; (2) work remotely with your key members to develop a computer security incident simulation exercise that will test your computer security incident response plan and procedures, with focus on the areas that may need to be updated or improved; (3) conduct and supervise the incident simulation exercise on-site for up to eight hours at your location, paying particular attention to: whether your computer security incident response team is properly notified of the incident, and how long notification takes; how well the members of your computer security incident response team work with each other and members of higher management; how well your computer security incident response team performs in the five phases of incident response (analysis, containment, eradication, recovery, and prevention); how well your computer security incident response team interfaces with external entities (Internet service providers, administrators of other sites, other response teams, law enforcement entities, etc.); and how well your computer security incident response team communicates with customers, external users, employees, and the public media. (4) document findings in Incident Response Training and Simulation Report. Completion Criteria: This activity will be considered complete when IBM has provided the number of hours mutually agreed upon or provides the deliverable material for the task(s) performed, or when the contract end date has passed. Deliverable Materials: Active Threat Assessment Report, as applicable; CSIRP gap assessment report, as applicable; and Incident Response Training and Simulation Report, as applicable. Activity 3 - Emergency Incident Support The purpose of this activity is to provide emergency response for each Emergency Incident Declaration for the term of this SOW. a. provide emergency response 24 hours/day, 7 days/week for Emergency Incident Declarations per the term of this SOW and Schedule. Such response will utilise included subscription hours for onsite and/or remote support for the designated physical locations as specified in the Schedule. If INTC Page 7 of 14
8 additional physical location coverage is required in response to an incident, additional charges may apply; b. within approximately one hour after receiving your call or for an Emergency Incident Declaration, host a conference call with your designated personnel to discuss the symptoms you are observing, actions taken and similar items; c. provide assistance and advice if possible for handling the Emergency Incident Declaration including: (1) analysis of computer security incident data to determine the source of the incident, its cause, and its effects; (2) preventing the effects of the computer security incident from spreading to other computer systems and networks; (3) stopping the computer security incident at its source and/or protecting your computer systems and networks from the effects of the computer security incident; (4) recommendations for restoration of the affected computer systems and networks to normal operation; and (5) suggesting protection methods for your computer systems and networks from future occurrences of the computer security incident; d. prepare and provide an After-Incident Report to your Point of Contact describing the computer security incident, causes and effects, actions taken by IBM, and recommended future actions to mitigate risk; and e. provide additional emergency incident hourly support, in response to your written request. Such support will be provided based on the Usage charge specified as Additional emergency incident hourly support in the Charges section of the Schedule. Note: The tasks outlined in this section, if performed, will consume Purchased Subscription Hours. Additional hours may be purchased at the Usage charge rate listed in the Schedule. Completion Criteria: This activity will be considered complete when the contract end date has passed. Deliverable Materials: After-Incident Report, as applicable. Activity 4 - Quarterly Incident Related Support and Status Update The purpose of this activity is to provide you with ongoing incident related support, up-to-date threat trends, and status updates. a. provide up to 8 hours telephone support each quarter with access to advice and assistance from ERS during normal business hours (currently 8 a.m. to 5 p.m., Eastern Time) on topics in the areas of security incident assessment, preparedness, management, response, and basic triage; b. provide a checkup via remote teleconference for up to 2 hours to review quarterly status, relevant events, service hours utilised and remaining, update service schedule, provide update on threat trends, ensure your incident response readiness, and provide recommendations if appropriate; and c. document result of each telephone support and discussion of the checkup teleconference in a quarterly status report. Completion Criteria: This activity will be considered complete when IBM has provided the following deliverable at the end of each quarter according to the service calendar. Deliverable Materials: Quarterly Status Report Activity 5 - IBM X-Force Hosted Threat Analysis Subscription The IBM X-Force Hosted Threat Analysis Subscription is a security intelligence service that is designed to deliver customised information about a variety of threats that could affect your network security. INTC Page 8 of 14
9 A Portal provides you with access to an environment (and associated tools) designed to monitor and manage your security posture by merging technology and service data from multiple vendors and geographies into a common, Web-based interface. The Portal may also be used to deliver Education Materials. All such Education Materials are licensed not sold and remain the exclusive property of IBM. IBM grants you a license in accordance with the terms provided in the Portal. EDUCATION MATERIALS ARE PROVIDED AS IS AND WITHOUT WARRANTY, GUARANTEE OR INDEMNITY OF ANY KIND BY IBM, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT OF PROPRIETARY AND INTELLECTUAL PROPERTY RIGHTS Task 1 - Deployment and Activation During deployment and initiation, IBM will enable Customer to access the Portal, and will work with you to activate the Services. a. provide access to the Portal 24 hours/day, 7 days/week; b. request one name and address for each Services subscription purchased; c. enable Services access for each subscription purchased; d. provide access to Education Materials in accordance with the terms provided in the Portal; and e. send each licensed Services user a welcome with a user ID and temporary password to the Portal. Task 2 - Security Intelligence Security intelligence is provided by the IBM X-Force Threat Analysis Center. The X-Force Threat Analysis Center publishes an Internet AlertCon threat level. The AlertCon describes progressive alert postures of current Internet security threat conditions. Utilising the Portal, you can create a vulnerability watch list with customised threat information. In addition, each Portal user can request to receive an Internet assessment each business day. This assessment provides an analysis of the current known Internet threat conditions, real-time Internet port metrics data, and individualised alerts, advisories and security news. a. provide you with access to the X-Force Hosted Threat Analysis Service; b. provide you with a username, password, URL and appropriate permissions to access the Portal; c. display security information on the Portal as it becomes available; d. if configured by you, provide security intelligence specific to your defined vulnerability watch list, via the Portal; e. if configured by you, provide an Internet security assessment each business day; f. publish an Internet AlertCon via the Portal; g. provide Portal feature functionality for you to create and maintain a vulnerability watch list; h. provide additional information about an alert, advisory, or other significant security issue as IBM deems necessary; and i. provide access to the Threat IQ via the Portal. Completion Criteria: This activity will be considered complete when IBM has provided two X-Force Hosted Threat Analysis Service annual subscription seats. Deliverable Materials: None Your Emergency Response Services Responsibilities You agree: a. and acknowledge: INTC Page 9 of 14
10 (1) that you may not make an Emergency Incident Declaration until after the project kickoff session has been conducted; (2) your additional locations, or locations not specified in the Schedule, must be contracted for separately; (3) one IBM consultant will be assigned for remote and/or on-site Emergency Incident Declaration response to the declared physical location. Additional IBM consultants must be contracted for separately and are subject to availability; and (4) that if IBM discovers what it considers, in its sole discretion, to be inappropriate content during the performance of the Services, IBM has the authority to report such information to law enforcement. Examples of what IBM would consider inappropriate content includes, but is not limited to, content or activity that involves obscene, pornographic or violent material; b. to provide the IBM Services specialist with the names and telephone numbers (including after hours telephone or pager numbers) of your lead investigator, technical and management contact personnel (including backup personnel) who have the authority to make Emergency Incident Declarations and act upon suggestions and recommendations made by IBM; c. to make appropriate personnel available during IBM s response to an Emergency Incident Declaration to answer questions, obtain requested data, perform suggested actions, and similar items; d. to provide copies of all configuration information, log files, intrusion detection events, and other data related to an Emergency Incident Declaration and its analysis; e. to manage the collection and dissemination of information regarding an Emergency Incident Declaration with your technical and managerial personnel, legal and public relations departments, others within your organisation, and other companies as applicable; f. to be responsible for and facilitate all communications between IBM and any third party vendors, including Internet service providers and content-hosting firms used by you to implement your Internet presence; g. to provide supervised access to your computer systems and computer networks during the agreed upon times and days; h. to provide IBM with an editable copy of you computer security incident response plan for review, if available; i. and acknowledge, that during the Computer Security Incident Response Assessment Report review cycle only three opportunities will be allowed to provide input; j. to provide your proposed changes, comments and feedback during the Computer Security Incident Response Assessment Report review cycle within 5 business days of the receipt of the report, at no additional charge to IBM; k. and acknowledge, that during an emergency incident and upon your request to IBM, additional emergency incident support hours will be provided based on Usage charge specified in the Schedule; l. to provide an executive sponsor for the Services to communicate management commitment to the project; and m. to be responsible for all charges associated with any additional Emergency Incident Declarations you make during the term of this SOW Your IBM X-Force Hosted Threat Analysis Subscription Responsibilities You agree to: a. utilise the Portal to perform daily operational Services activities; b. ensure your employees accessing the Portal on your behalf comply with the Terms of Use, provided therein including, but not limited to, the terms associated with Educational Materials; c. appropriately safeguard your login credentials to the Portal (including not disclosing such credentials to any unauthorised individuals); d. promptly notify IBM if a compromise of your login credentials is suspected; and INTC Page 10 of 14
11 e. indemnify and hold IBM harmless for any losses incurred by you or other parties resulting from your failure to safeguard your login credentials. f. provide IBM with one name and address for each Services subscription purchased; and g. change your temporary password upon first login to the Portal. You agree to use the Portal to: a. subscribe to the daily Internet security assessment , if desired; b. create a vulnerability watch list, if desired; c. access the Threat IQ; and d. agree to adhere to an individual license which entitles a single person in an organisation to login to the IBM Managed Security Services ( IBM MSS ) portal (called Portal ) and customise the delivery of the Services content. This person is entitled to view information in the Portal and to receive notifications configured in the Portal. The individual is not authorised to share or distribute Services information. Although an organisation can transfer an individual license from one person to another if needed, an individual license cannot be shared with other individuals who do not have a proper license. 4. Deliverable Materials Service Calendar The Service Calendar is a Type II Material consisting of the following, as appropriate: (1) Selection and scope of preemptive incident preparation services; (2) Service schedule; and (3) Confirmed locations and contacts information. Active Threat Assessment Report, if applicable The Active Threat Assessment Report is a Type II Material consisting of the following, as appropriate: (1) Executive Summary - a high-level overview of the current risk level and threat posture; (2) Services Overview; (3) Assessment Findings Summary and Detail; and (4) Recommendations specific actions or considerations to address documented issues. CSIRP Gap Assessment Report, if applicable The Incident Response Training and Simulation Report is a Type II Material consisting of the following, as appropriate: (1) Recommended updates to the policy document for incident response plans; (2) Industry best practices for incident response plans as appropriate; (3) Recommended updates to the existing CSIRP that meets the Customer s organisational and business objectives; which will include at a minimum: o o o Incident Handling process defining incident severity and incident response escalation; process including points of contact based on information asset sensitivity and severity of the incident; Accountability matrix that identifies key contacts in the organisation for incident response; and Incident Response Checklist used to determine proper escalation and reporting of the IT security incidents; and (4) Gap analysis describing high level observations discovered while reviewing your current CSIRP. Incident Response Training and Simulation Report, if applicable The Incident Response Training and Simulation Report is a Type II Material consisting of the following, as appropriate: (1) Summary of the training; INTC Page 11 of 14
12 (2) Description of incident scenario; and (3) Any observations and recommendations resulting from the mock incident scenario. Quarterly Status Reports The Quarterly Status Report is a Type II Material consisting of the following, as appropriate: (1) Status of activities and tasks performed or in progress in the reporting quarter; (2) Summary hours used in the reporting quarter and remaining hours in the subscription; (3) Documentation of remote support provided in the reporting quarter; (4) Relevant trends and industry updates on incident management; and (5) Any issues or changes to service calendar and activity schedule. Incident Analysis Report The Incident Analysis Report is a Type II Material consisting of the following, as appropriate: (1) Executive Summary a high level overview of the background and findings related to the incident; (2) Data Collection and Preservation specific actions and steps performed to collect and preserve incident data; (3) Data Analysis detailed results of the incident analysis; and (4) Conclusions and Recommendations summary of the incident and specific actions or considerations to help mitigate the risk of future occurrences. IBM will deliver one copy of the applicable deliverable(s) electronically to your Point of Contact within five business days following the closing of the activity. 5. Estimated Schedule The estimated schedule for the Services is detailed in the Schedule and will be used to establish the contract term. Both parties agree to make reasonable efforts to carry out our respective responsibilities in order to achieve the estimated schedule. 6. Completion Criteria IBM will have fulfilled its obligations for the Services when any one of the following first occurs: a. when the contract end date has passed; or b. the Services are terminated in accordance with the provisions of the Agreement identified in the Schedule. 7. Charges The charges for the Services described in this SOW, exclusive of applicable taxes, are as specified in the Schedule. IBM shall not be responsible for delays or additional requirements imposed by any government agencies, labor disputes, fire, unavoidable casualties, or unforeseen conditions. 8. Other Terms and Conditions 8.1 Limitation of Services You acknowledge and agree that the following are not included as part of the Services described herein: a. services involving incidents of violence, injury to persons, or damage to or theft of tangible personal property; b. services to identify a perpetrator; however, determining the source of network traffic or specific digital activity may be included in the services; c. investigatory interrogation; d. testifying in judicial or administrative proceedings; e. communication on your behalf with any entity, such as law enforcement, the news media, or its customers; INTC Page 12 of 14
13 f. any services requiring professional licensing of the service provider; g. evidentiary chain of custody control or management, but IBM may adhere to your chain of custody procedures in performing its obligations hereunder, provided these are reviewed and agreed to by IBM prior to starting work; h. legal counsel of any kind; i. opinions as to the credibility of any person; or j. any other related services which IBM, at its reasonable discretion, may at any time decline. 8.2 Permission to Perform Testing Certain laws prohibit any unauthorised attempt to penetrate or access computer systems. You authorise IBM to perform the Services as described herein and acknowledge that the Services constitute authorised access to your computer systems. IBM may disclose this grant of authority to a third party if deemed necessary to perform the Services. The Services that IBM performs entail certain risks and you agree to accept all risks associated with such Services; provided, however, that this does not limit IBM s obligation to perform the Services in accordance with the terms of this SOW. You acknowledge and agree to the following: a. excessive amounts of log messages may be generated, resulting in excessive log file disk space consumption; b. the performance and throughput of your systems, as well as the performance and throughput of associated routers and firewalls, may be temporarily degraded; c. some data may be changed temporarily as a result of probing vulnerabilities; d. your computer systems may hang or crash, resulting in system failure or temporary system unavailability; e. any service level agreement rights or remedies will be waived during any testing activity; f. a scan may trigger alarms by intrusion detection systems; g. some aspects of the Services may involve intercepting the traffic of the monitored network for the purpose of looking for events; and h. new security threats are constantly evolving and no service designed to provide protection from security threats will be able to make network resources invulnerable from such security threats or ensure that such service has identified all risks, exposures and vulnerabilities. 8.3 Systems Owned by a Third Party For systems (which for purposes of this provision includes but is not limited to applications and IP addresses) owned by a third party that will be the subject of testing hereunder, you agree: a. that prior to IBM initiating testing on a third party system, you will obtain a signed letter from the owner of each system authorising IBM to provide the Services on that system, and indicating the owner's acceptance of the conditions set forth in the section entitled Permission to Perform Testing and to provide IBM with a copy of such authorisation; b. to be solely responsible for communicating any risks, exposures, and vulnerabilities identified on these systems by IBM s remote testing to the system owner, and c. to arrange for and facilitate the exchange of information between the system owner and IBM as deemed necessary by IBM. You agree: a. to inform IBM immediately whenever there is a change in ownership of any system that is the subject of the testing hereunder; b. not to disclose the deliverable Materials, or the fact that IBM performed the Services, outside your Enterprise without IBM s prior written consent; and c. to indemnify IBM in full for any losses or liability IBM incurs due to third party claims arising out of the your failure to comply with the requirements of this section entitled, "Systems Owned by a Third Party" and for any third party subpoenas or claims brought against IBM or IBM s subcontractors or agents arising out of (a) testing the security risks, exposures or vulnerabilities of the systems that INTC Page 13 of 14
14 8.4 Disclaimer are the subject of testing hereunder, (b) providing the results of such testing to you, or (c) your use or disclosure of such results. You understand and agree: a. that it is solely within your discretion to use or not use any of the information provided pursuant to the Services hereunder. Accordingly, IBM will not be liable for any actions that you take or choose not to take based on the Services performed and/or deliverables provided hereunder; b. that it is your sole responsibility to provide appropriate and adequate security for the company, its assets, systems and employees; c. that it is your responsibility to add the IP addresses associated with the testers to any filtering devices, thereby permitting unfiltered network access to the target systems; d. not to modify the configurations of any in-scope systems and infrastructure devices during the period of testing; and e. that new technology, configuration changes, software upgrades and routine maintenance, among other items, can create new and unknown security exposures. Moreover, computer hackers and other third parties continue to employ increasingly sophisticated techniques and tools, resulting in ever-growing challenges to individual computer system security. IBM s performance of the Services does not constitute any representation or warranty by IBM about the security of your computer systems including, but not limited to, any representation that your computer systems are safe from intrusions, viruses, or any other security exposures. IBM does not make any warranty, express or implied, or assume any legal liability or responsibility for the accuracy, completeness, or usefulness of any information provided as part of the Services. INTC Page 14 of 14
IBM Global Technology Services Statement of Work. for. IBM Infrastructure Security Services - Penetration Testing - Express Penetration Testing
IBM Global Technology Services Statement of Work for IBM Infrastructure Security Services - Penetration Testing - Express Penetration Testing The information in this Statement of Work may not be disclosed
More informationIBM Managed Security Services (Cloud Computing) hosted mobile device security management
IBM Managed Security Services (Cloud Computing) hosted mobile device security management Z125-8855-00 11-2011 Page 1 of 15 Table of Contents 1. Scope of Services... 3 2. Definitions... 3 3. Services...
More information3.1 Security Operations Centers. 3.2 Portal. 3.3 Services Contacts
Services Description IBM United Kingdom Limited Registered in England: 741598 Registered Office: PO Box 41, North Harbour, Portsmouth, PO6 3AU (hereinafter IBM ) IBM Managed Security Services (Cloud Computing)
More informationIBM Managed Security Services (Cloud Computing) hosted e-mail and Web security - express managed Web security
IBM Managed Security Services (Cloud Computing) hosted e-mail and Web security - express managed Web security INTC-8608-01 CE 12-2010 Page 1 of 8 Table of Contents 1. Scope of Services...3 2. Definitions...3
More informationServices Description. IBM Managed Security Services (Cloud Computing) - Hosted Vulnerability Management
Services Description IBM United Kingdom Limited Registered in England: 741598 Registered Office: PO Box 41, North Harbour, Portsmouth, PO6 3AU (hereinafter IBM ) IBM Managed Security Services (Cloud Computing)
More informationAttachment for IBM Internet Security Systems Products and Services
IBM Customer Agreement IBM Ireland Limited Registered in Dublin: No. 16226 Registered Office: Oldbrook House 24-32 Pembroke Road Ballsbridge, Dublin 4. Attachment for IBM Internet Security Systems Products
More informationIBM Implementation Services for Power Systems IBM Systems Director
Sample Statement of Work for Services This an example and your Statement of Work may vary given your specific requirements and the related IBM engagement. IBM Implementation Services for Power Systems
More informationHow To Use Adobe Software For A Business
EXHIBIT FOR MANAGED SERVICES (2013V3) This Exhibit for Managed Services, in addition to the General Terms, the OnDemand Exhibit, and any applicable PDM, applies to any Managed Services offering licensed
More informationService Description: Dell Backup and Recovery Cloud Storage
Service Description: Dell Backup and Recovery Cloud Storage Service Providers: Dell Marketing L.P. ( Dell ), One Dell Way, Round Rock, Texas 78682, and it s worldwide subsidiaries, and authorized third
More informationELECTRONIC FILER AGREEMENT
ELECTRONIC FILER AGREEMENT This Electronic Filer Agreement (the Agreement) is made by and among the Celotex Asbestos Settlement Trust (the Celotex Trust), and, after assignment as hereinafter provided,
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement and is made between BEST Life and Health Insurance Company ( BEST Life ) and ( Business Associate ). RECITALS WHEREAS, the U.S.
More informationHow To Use Ibm Managed Security Services (Cloud Computing) On A Pc Or Macbook Or Ipa (For Pc) On An Ipa Or Ipam (For Macbook) On Your Pc Or Ipom (For Ipa) On
IBM Managed Security Services (Cloud Computing) - Hosted Security Event and Log Management - Standard Z125-8477-01 11-2010 Page 1 of 19 Table of Contents 1. Scope of Services... 3 2. Definitions... 3 3.
More informationELECTRONIC TRADING FACILITIES SUPPLEMENTAL TERMS AND CONDITIONS OF TRADING
ELECTRONIC TRADING FACILITIES SUPPLEMENTAL TERMS AND CONDITIONS OF TRADING This Supplemental Terms and Conditions of Trading is supplemental to and forms part of the terms and conditions set out in the
More informationService Description: Cisco Prime Home Hosted Services. This document describes the Cisco Prime Home Hosted Services.
Service Description: Cisco Prime Home Hosted Services This document describes the Cisco Prime Home Hosted Services. Related Documents: The following documents also posted at www.cisco.com/go/servicedescriptions/
More informationSERVICE TERMS AND CONDITIONS
SERVICE TERMS AND CONDITIONS Last Updated: April 19th, 2016 These Service Terms and Conditions ( Terms ) are a legal agreement between you ( Customer or you ) and Planday, Inc., a Delaware corporation
More informationService Agreement Hosted Dynamics GP
Service Agreement Hosted Dynamics GP This is a Contract between you ( Company ) and WebSan Solutions Inc. ( WebSan ) of 245 Fairview Mall Drive, Suite 508, Toronto, ON M2J 4T1, Canada. This contract applies
More informationData Security Incident Response Plan. [Insert Organization Name]
Data Security Incident Response Plan Dated: [Month] & [Year] [Insert Organization Name] 1 Introduction Purpose This data security incident response plan provides the framework to respond to a security
More informationBUSINESS ONLINE BANKING AGREEMENT
BUSINESS ONLINE BANKING AGREEMENT This Business Online Banking Agreement ("Agreement") establishes the terms and conditions for Business Online Banking Services ( Service(s) ) provided by Mechanics Bank
More informationSupport Line for Storage
Agreement for IBM Software Support Services This Agreement for IBM Software Support Services Support Line for Storage is between the Customer (also called you and your ) and International Business Machines
More informationDraft Information Technology Policy
Draft Information Technology Policy Version 3.0 Draft Date June 2014 Status Draft Approved By: Table of Contents 1.0 Introduction... 6 Background... 6 Purpose... 6 Scope... 6 Legal Framework... 6 2.0 Software
More informationSYMPHONY LEARNING LICENSE AND REMOTE HOSTED SERVICES AGREEMENT
SYMPHONY LEARNING LICENSE AND REMOTE HOSTED SERVICES AGREEMENT PLEASE READ THIS LICENSE AND REMOTE HOSTED SERVICES AGREEMENT CAREFULLY BEFORE USING THIS WEB SITE BY CHOOSING THE ACCEPT BUTTON YOU ARE (1)
More informationPointCentral Subscription Agreement v.9.2
PointCentral Subscription Agreement v.9.2 READ THIS SUBSCRIPTION AGREEMENT ( AGREEMENT ) CAREFULLY BEFORE INSTALLING THIS SOFTWARE. THIS AGREEMENT, BETWEEN CALYX TECHNOLOGY, INC., DBA CALYX SOFTWARE (
More informationAntivirus and Malware Prevention Policy and Procedures (Template) Employee Personal Device Use Terms and Conditions (Template)
Below you will find the following sample policies: Antivirus and Malware Prevention Policy and Procedures (Template) Employee Personal Device Use Terms and Conditions (Template) *Log in to erisk Hub for
More informationSUPPLIER SECURITY STANDARD
SUPPLIER SECURITY STANDARD OWNER: LEVEL 3 COMMUNICATIONS AUTHOR: LEVEL 3 GLOBAL SECURITY AUTHORIZER: DALE DREW, CSO CURRENT RELEASE: 12/09/2014 Purpose: The purpose of this Level 3 Supplier Security Standard
More informationMTN Managed Firewall. Description of Service
MTN Managed Firewall Description of Service Managed Firewall ("Service") is a managed security service for Internet access customers that provides firewall configuration, administration, monitoring, support
More informationStandard: Information Security Incident Management
Standard: Information Security Incident Management Page 1 Executive Summary California State University Information Security Policy 8075.00 states security incidents involving loss, damage or misuse of
More informationELECTRONIC FILER AGREEMENT [REVISED JANUARY 1, 2014]
This Electronic Filer Agreement ( Agreement ) is made by and between the DII Industries, LLC Asbestos PI Trust ( Trust ), P.O. Box 821628, Dallas, Texas 75382, and the law firm of, with offices at ( Law
More informationTEXTURA AUSTRALASIA PTY LTD ACN 160 777 088 ( Textura ) CONSTRUCTION PAYMENT MANAGEMENT SYSTEM TERMS AND CONDITIONS OF USE
TEXTURA AUSTRALASIA PTY LTD ACN 160 777 088 ( Textura ) CONSTRUCTION PAYMENT MANAGEMENT SYSTEM TERMS AND CONDITIONS OF USE Welcome to the Textura Construction Payment Management ( CPM ) System. By clicking
More informationEND USER LICENSE AGREEMENT COMODO C-VERIFY FOR E-MAIL (BETA VERSION)
END USER LICENSE AGREEMENT COMODO C-VERIFY FOR E-MAIL (BETA VERSION) BETA NOTICE: This is BETA software and may have serious bugs which may cause damage to your computer and data. It is intended for qualified
More informationELECTRONIC FILER AGREEMENT
ELECTRONIC FILER AGREEMENT This Electronic Filer Agreement (the Agreement ) is made by and among the Delaware Claims Processing Facility (the Facility ), with offices at 1007 North Orange Street, Wilmington,
More informationOverview Software Assurance is an annual subscription that includes: Technical Support, Maintenance and Software Upgrades.
Software Maintenance & Support Agreement This agreement ( Support Agreement, Software Assurance, Agreement ) is for the purpose of defining the terms and conditions under which Technical Support, Maintenance
More informationSTANDING CLOUD, INC. ( SC ) TERMS OF SERVICE
STANDING CLOUD, INC. ( SC ) TERMS OF SERVICE These Terms of Service ( Terms ) govern your use of Standing Cloud s online deployment platform for application software (the Services ). By using the Services,
More informationServices Description. IBM Managed Security Services (Cloud Computing) - Hosted Security Event and Log Management - Select
Services Description IBM United Kingdom Limited Registered in England: 741598 Registered Office: PO Box 41, North Harbour, Portsmouth, PO6 3AU (hereinafter IBM ) IBM Managed Security Services (Cloud Computing)
More informationTERMS & CONDITIONS of SERVICE for MSKnote. Refers to MSKnote Limited. Refers to you or your organisation
TERMS & CONDITIONS of SERVICE for MSKnote Definitions: "Us or Our or We or Company" You or Your or Client Refers to MSKnote Limited Refers to you or your organisation Information about us: We are MSKnote
More informationChambers Bank Business Internet Banking Agreement
Chambers Bank Business Internet Banking Agreement 1. INTRODUCTION. Chambers Bank Business Online Banking is a banking and information service that allows its Business Banking clients, via the Internet,
More informationCOMPUTER SOFTWARE AS A SERVICE LICENSE AGREEMENT
COMPUTER SOFTWARE AS A SERVICE LICENSE AGREEMENT This Agreement is binding on the individual and the company, or other organization or entity, on whose behalf such individual accepts this Agreement, that
More informationPLEASE READ THIS AGREEMENT CAREFULLY AND KEEP A COPY FOR YOUR RECORDS.
PLEASE READ THIS AGREEMENT CAREFULLY AND KEEP A COPY FOR YOUR RECORDS. Farmers & Merchants Savings Bank Online Banking Agreement 1. The Service. In consideration of the Online Banking services (hereinafter
More informationSAMPLE RETURN POLICY
DISCLAIMER The sample documents below are provided for general information purposes only. Your use of any of these sample documents is at your own risk, and you should not use any of these sample documents
More informationPaychex Accounting Online Terms of Use
Paychex Accounting Online Terms of Use Paychex recommends that Client read the Terms of Use prior to using the Paychex Accounting Online Software ( Software ). If Client does not accept and agree with
More informationEvoqua Water Technologies LLC. ( Evoqua )
Evoqua Water Technologies LLC. ( Evoqua ) Remote Monitoring Services Terms and Conditions of Use These terms and conditions govern the use of Evoqua Link2Site sm Remote Monitoring Services whether the
More informationTerms and Conditions- OnAER Remote Monitoring Service
Terms and Conditions- OnAER Remote Monitoring Service TERMS OF SERVICE Please read these terms of user ( Agreement or Terms of Service ) carefully before using the services offered by AERCO International,
More informationRevised 10/13 SUBSCRIBER AGREEMENT. Introduction
SUBSCRIBER AGREEMENT Introduction This Agreement (the "Agreement") sets forth the terms and conditions under which Consolidated Companies, Inc., together with any affiliate and/or distribution partner
More informationSaaS Terms & Conditions
SaaS Terms & Conditions TERMS OF USE: BY CLICKING THE REGISTER BUTTON DISPLAYED AS PART OF THE REGISTRATION PROCESS, YOU AGREE TO THE FOLLOWING TERMS AND CONDITIONS (THE AGREEMENT ) GOVERNING YOUR USE
More informationData Processing Agreement for Oracle Cloud Services
Data Processing Agreement for Oracle Cloud Services Version December 1, 2013 1. Scope and order of precedence This is an agreement concerning the Processing of Personal Data as part of Oracle s Cloud Services
More informationZIMPERIUM, INC. END USER LICENSE TERMS
ZIMPERIUM, INC. END USER LICENSE TERMS THIS DOCUMENT IS A LEGAL CONTRACT. PLEASE READ IT CAREFULLY. These End User License Terms ( Terms ) govern your access to and use of the zanti and zips client- side
More informationADP Ambassador /Referral Rewards Program. Terms and Conditions of Use
ADP Ambassador /Referral Rewards Program Terms and Conditions of Use These Terms and Conditions ("Terms") are an agreement between ADP, LLC ("ADP"), on behalf of its Major Accounts Services Division ("MAS"),
More informationStatement of Work. for. Online Event Registration Product Deployment for Salesforce Implementation. for. Open Web Application Security Project (OWASP)
Statement of Work for Online Event Registration Product Deployment for Salesforce Implementation for Open Web Application Security Project (OWASP) July 9, 2010 TABLE OF CONTENTS INTRODUCTION... 3 SCOPE...
More information1.3 The Terms are accepted by the Customer upon registration or ordering of the Products or renewal of any such subscription.
September 2015 WEBCRM SUBSCRIPTION TERMS AND CONDITIONS COMMERCIAL USE ONLY 1. Introduction 1.1 These subscription terms and conditions ("Terms") govern your ("Customer") subscription for and use of the
More informationVIRTUAL OFFICE WEBSITE LICENSE AGREEMENT
Florida Keys Multiple Listing Service, Inc. VIRTUAL OFFICE WEBSITE LICENSE AGREEMENT Florida Keys MLS, Inc. 92410 Overseas Hwy, Ste. 11 Tavernier FL 33070 305-852-92940 305-852-0716 (fax) www.flexmls.com
More informationTERMS AND CONDITIONS FOR THE USE OF SINGAPORE POWER SUPPLIER RELATIONSHIP MANAGEMENT SYSTEM (SPSRM)
SINGAPORE POWER SUPPLIER RELATIONSHIP MANAGEMENT SYSTEM (SPSRM) Contents 1 Definitions... 3 2 Singapore Power Supplier Relationship Management System (SPSRM)... 5 3 Security, Access and Use of SPSRM...
More informationTERMS and CONDITIONS OF USE - NextSTEPS TM
TERMS and CONDITIONS OF USE - NextSTEPS TM DATED MARCH 24, 2014. These terms and conditions of use (the Terms and Conditions ) govern your use of the website known as NextSTEPS TM, https://www.stepsonline.ca/
More informationProvider secure web portal & Member Care Information portal Registration Form
Provider secure web portal & Member Care Information portal Registration Form Thank you for your interest in registering for the Aetna Better Health Provider Secure Web Portal and the Aetna Better Health
More informationSUBSCRIPTION AGREEMENT FOR ELECTRONIC ACCESS TO OFFICIAL RECORDS KEN BURKE, CPA CLERK OF CIRCUIT COURT & COMPTROLLER PINELLAS COUNTY, FL
KEN BURKE, CPA CLERK OF CIRCUIT COURT & COMPTROLLER PINELLAS COUNTY, FL This agreement is made and entered into by and between, Ken Burke, CPA, Pinellas County Clerk of the Circuit Court & Comptroller,
More informationService Description IBM Infrastructure Security Services firewall management - managed VPN concentrator
IBM United Kingdom Limited Registered in England: 741598 Registered Office: PO Box 41, North Harbour, Portsmouth, PO6 3AU (hereinafter IBM ) Service Description IBM Infrastructure Security Services firewall
More informationROHIT GROUP OF COMPANIES PRIVACY POLICY This privacy policy is subject to change without notice. It was last updated on July 23, 2014.
ROHIT GROUP OF COMPANIES PRIVACY POLICY This privacy policy is subject to change without notice. It was last updated on July 23, 2014. The Rohit Group of Companies ( Rohit Group, Company, our, we ) understands
More informationyou. This warranty gives you specific legal rights, and you may also have other rights that vary from state-to-state.
User Agreement This User Agreement ("Agreement") is entered into by and between Benefit Communications Inc. ("BCI"), a Tennessee corporation, and you, the user ("you", "your", or "user"), and governs your
More informationIBM Infrastructure Security Services Managed Security Information and Event Management Service Description
IBM Infrastructure Security Services Managed Security Information and Event Management Service Description Z126-6526-SSA-1 04-2014 Page 1 of 34 Table of Contents 1.0 Scope of Services... 5 2.0 Definitions...
More informationKinetic Internet Limited
Kinetic Internet Limited Company No: 4470080 ADDENDUM Dedicated Server Terms and Conditions KINETIC INTERNET is an International Communications company that provides Dedicated Server services. The customer
More informationService Schedule for Business Email Lite powered by Microsoft Office 365
Service Schedule for Business Email Lite powered by Microsoft Office 365 1. SERVICE DESCRIPTION Service Overview 1.1 The Service is a hosted messaging service that delivers the capabilities of Microsoft
More informationWeb Terms & Conditions
PART 1: OUR AGREEMENT WITH YOU 1. AGREEMENT 1.1 Parties This Agreement is made between Cheap Web Designers (ACN 126 117 619) of Suite 504, 365 Little Collins Street Melbourne VIC 3000 ("CWD") and YOU the
More informationBUSINESS ON-LINE BANKING AGREEMENT
BUSINESS ON-LINE BANKING AGREEMENT THIS BUSINESS ON-LINE BANKING AGREEMENT (this Agreement ) is for Business On-Line Banking Services provided by First National Bank of Northern California, ( Bank or we
More informationAGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND
AGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND THIS AGREEMENT for Access to Protected Health Information ( PHI ) ( Agreement ) is entered
More information1 Welcome to RAYNET Cloud CRM! 2 Eligibility/ Registration. 3 Services available. Free version. Profi version
1 Welcome to RAYNET Cloud CRM! RAYNET Cloud CRM is a web-based service, which is the property of RAYNETCRM, LLC based in 330 S. Pineapple Avenue, Suite 110, Sarasota, Florida 34236. The present terms and
More informationGENOA, a QoL HEALTHCARE COMPANY GENOA ONLINE SYSTEM TERMS OF USE
GENOA, a QoL HEALTHCARE COMPANY GENOA ONLINE SYSTEM TERMS OF USE By using the Genoa Online system (the System ), you acknowledge and accept the following terms of use: This document details the terms of
More informationCovered California. Terms and Conditions of Use
Terms and Conditions of Use Contents: Purpose Of This Agreement Privacy Policy Modification Of This Agreement Permission To Act On Your Behalf How We Identify You Registration Additional Terms For Products
More informationBest Companies Limited Website Terms and Conditions
These Terms and Conditions ( Terms ) govern your access to and use of the Website. By accessing and using the Website you agree that you have read and accept these terms and conditions and that they shall
More informationOXFORD UNIVERSITY PRESS ONLINE JOURNALS: INSTITUTIONAL ONLINE AGREEMENT
OXFORD UNIVERSITY PRESS ONLINE JOURNALS: INSTITUTIONAL ONLINE AGREEMENT IMPORTANT: BY COMPLETING THE ONLINE REGISTRATION MATERIALS, SIGNING AND SENDING THEM TO OXFORD UNIVERSITY PRESS (OR BY SELECTING
More information1.1 Authorized User means an employee of Customer who has been issued a User ID in accordance with Section 3.2(a).
RealPrence Cloud Video Meeting Services POLYCOM, INC., VIDEO-AS-A-SERVICE TERMS OF SERVICE This Video-as-a-Service Terms of Service (the Agreement ) govern the access to and use of the VaaS by each person
More informationYa-YaOnline Platform ( Service ).
SOFTWARE AS A SERVICE AGREEMENT FOR THE USE OF: Ya-YaOnline Platform ( Service ). NOW IT IS HEREBY AGREED by and between the parties hereto as follows:- Definitions "Agreement" means this Agreement and
More informationSupplier IT Security Guide
Revision Date: 28 November 2012 TABLE OF CONTENT 1. INTRODUCTION... 3 2. PURPOSE... 3 3. GENERAL ACCESS REQUIREMENTS... 3 4. SECURITY RULES FOR SUPPLIER WORKPLACES AT AN INFINEON LOCATION... 3 5. DATA
More informationThese TERMS AND CONDICTIONS (this Agreement ) are agreed to between InfluencersAtWork,
TERMS AND CONDITIONS INFLUENCERS AT WORK These TERMS AND CONDICTIONS (this Agreement ) are agreed to between InfluencersAtWork, Ltd. ( InfluencerAtWork ) and you, or if you represent a company or other
More informationViva Energy may from time to time amend, delete or supplement these Terms and Conditions. Any change takes effect from the earlier of:
SHELL CARD ONLINE TERMS AND CONDITIONS VERSION: AUGUST 2014 1. SCOPE 1.1 These Terms and Conditions apply to use of the Shell Card Online (SCOL) web programme accessible via www.vivaenergy.com.au, by a
More informationCCH INCORPORATED, A WOLTERSKLUWER COMPANY ACCESS AGREEMENT FOR THE
CCH INCORPORATED, A WOLTERSKLUWER COMPANY ACCESS AGREEMENT FOR THE Accounting Research Manager INFORMATION DATABASE PROVIDED THROUGH Mayer Hoffman McCann P.C. ("AGREEMENT" OR "ACCESS AGREEMENT") IN THIS
More informationSPECIAL CONDITIONS OF PRIVATE CLOUD Version dated 08/06/2011
SPECIAL CONDITIONS OF PRIVATE CLOUD Version dated 08/06/2011 DEFINITIONS : Cloud: Technology that uses remote resources and storage. Host Server: Physical Server with a memory load and a processor load.
More informationBUSINESS INTERNET BANKING AGREEMENT
BUSINESS INTERNET BANKING AGREEMENT THIS AGREEMENT COVERS Nevada State Bank Business Internet Banking is a banking and information service that allows Business Banking clients, via the Internet, to access
More informationSMARSH WEBSITE & HOSTING REPRESENTATIVE TERMS & CONDITIONS
SMARSH WEBSITE & HOSTING REPRESENTATIVE TERMS & CONDITIONS This Webhosting & Services Terms and Conditions ( Terms ) are effective as of the date of execution of the Order Form, as defined in Section 1,
More informationHamilton.net User Agreement Revised August 31, 2004. Acceptance of Terms Through Use
Hamilton.net User Agreement Revised August 31, 2004 Acceptance of Terms Through Use By using the Hamilton.net Internet Service (the Service ), you signify your agreement to all of the terms, conditions,
More informationFOREXer Advisory ADVISORY AGREEMENT. Last update of this DisclosureDocument is Aug 1 st, 2013.
FOREXer Advisory ADVISORY AGREEMENT Last update of this DisclosureDocument is Aug 1 st, 2013. TRADING ADVISORY AGREEMENT This Trading Advisory Agreement (the Agreement ) is entered into as of the Date:-------------------by
More informationEND USER LICENSE AGREEMENT ( EULA )
END USER LICENSE AGREEMENT ( EULA ) PLEASE READ CAREFULLY THIS EULA IS A LEGAL AGREEMENT BETWEEN YOU, EITHER AS AN INDIVIDUAL, COMPANY OR OTHER LEGAL ENTITY (IN ANY CAPACITY REFERRED TO HEREIN AS END USER,
More informationMYACCLAIM PRIVACY POLICY
MYACCLAIM PRIVACY POLICY 1. Introduction MyAcclaim is an online collaboration tool that allows users to annotate video. MyAcclaim s mission is to allow its users, with ease and simplicity, to unleash the
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ("BA AGREEMENT") supplements and is made a part of any and all agreements entered into by and between The Regents of the University
More informationHIPAA BUSINESS ASSOCIATE AGREEMENT
HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ( Agreement ) is by and between ( Covered Entity ) and Xelex Digital, LLC ( Business Associate ), and is effective as of. WHEREAS,
More informationBill Payment Service Terms and Conditions
Bill Payment Service Terms and Conditions Table of Contents 1. Definitions...1 2. Effective Date...1 3. Bill Payment Services...1 4. Data and Records...1 5. Fees...2 6. Confidentiality...2 7. Indemnity...3
More informationBUSINESS ASSOCIATE AGREEMENT
BUSINESS ASSOCIATE AGREEMENT THIS BUSINESS ASSOCIATE AGREEMENT ( Agreement ) is entered into by and between (the Covered Entity ), and Iowa State Association of Counties (the Business Associate ). RECITALS
More informationBy using the Cloud Service, Customer agrees to be bound by this Agreement. If you do not agree to this Agreement, do not use the Cloud Service.
1/9 CLOUD SERVICE AGREEMENT (hereinafter Agreement ) 1. THIS AGREEMENT This Cloud Service Agreement ("Agreement") is a binding legal document between Deveo and you, which explains your rights and obligations
More information1.1.1. Comply with these Terms of Use at all times while using the Site;
These Terms of Use set out the terms and conditions of a contract between you and Orange Base Hospital Chronic Pain Telehealth clinic governing your access to, and use of, the Site (defined below). By
More informationMicrosoft Online Subscription Agreement/Open Program License Amendment Microsoft Online Services Security Amendment Amendment ID MOS10
Microsoft Online Subscription Agreement/Open Program License Amendment Microsoft Online Services Security Amendment Amendment ID This Microsoft Online Services Security Amendment ( Amendment ) is between
More informationS E R V E R C E N T R E H O S T I N G
S E R V E R C E N T R E H O S T I N G Managed Hosting Microsoft Lync - Service Level Agreement Server Centre Hosting Limited Master Version - 2.1 Server Centre Hosting Ltd, The Old Public House, 3 Watnall
More informationPeopleMatrix Application Hosting Services Agreement
PeopleMatrix Application Hosting Services Agreement WolfeReiter, LLC CONTENTS 1. Services Agreement... 2 1.1. Description of Services... 2 1.2. Term... 2 1.3. Customer Responsibilities... 2 1.4. Payment
More informationUK Vendor Website - Terms of Use Agreement
UK Vendor Website - Terms of Use Agreement UK Vending Ltd owns and operates The UK-Vendors Network, also known as UKV Vendors Support network and www.ukvendors.com. By joining this group, members agree
More informationORACLE LINUX AND ORACLE VM SERVICES AGREEMENT
ORACLE LINUX AND ORACLE VM SERVICES AGREEMENT A. Agreement Definitions You and your refers to the individual or entity that has executed this agreement ( agreement ) and ordered services from Oracle Finland
More informationDATA SECURITY AGREEMENT. Addendum # to Contract #
DATA SECURITY AGREEMENT Addendum # to Contract # This Data Security Agreement (Agreement) is incorporated in and attached to that certain Agreement titled/numbered and dated (Contract) by and between the
More informationOnline Account Management Service The Reliant Online Account Management Service consists of the following features:
Online Account Management Service Agreement 08/22/2014 By using Reliant s Online Account Management Service, you are agreeing to the terms and conditions of this Agreement with Reliant Energy Retail Services,
More informationHow To Make A Contract Between A Client And A Hoster
Web Hosting Terms & Conditions Please read these web-hosting terms carefully, as they set out our and your rights and obligations in relation to our web hosting services. AGREEMENT: Whereas: (1) The Ruby
More informationTerms of Service. This online privacy policy applies only to information collected through our website and not to information collected offline.
Terms of Service Privacy Policy Mahavitaran (mahadiscom) respects and protects the privacy of the individuals that access the information and use the services brought through them. Individually identifiable
More informationVIETNAM LAWS ONLINE DATABASE License Agreement Multi-user Subscription
VIETNAM LAWS ONLINE DATABASE License Agreement Multi-user Subscription A multi-user subscription to the Vietnam Laws Online Database is governed by the terms and conditions of this License Agreement. If
More informationAPPENDIX A that is not acceptable. Arbitration settled by arbitration arbitration shall be held in New Jersey substantive law of New Jersey
APPENDIX A The attorneys in the Office of University Counsel at the University of Colorado Denver Anschutz Medical Campus review many different types of contracts on behalf of the University. Legal review
More informationData Management Policies. Sage ERP Online
Sage ERP Online Sage ERP Online Table of Contents 1.0 Server Backup and Restore Policy... 3 1.1 Objectives... 3 1.2 Scope... 3 1.3 Responsibilities... 3 1.4 Policy... 4 1.5 Policy Violation... 5 1.6 Communication...
More informationELKHART COUNTY BOARD OF REALTORS AND MULTIPLE LISTING SERVICE OF ELKHART COUNTY INC. VIRTUAL OFFICE WEBSITE (VOW) LICENSE AGREEMENT
ELKHART COUNTY BOARD OF REALTORS AND MULTIPLE LISTING SERVICE OF ELKHART COUNTY INC. VIRTUAL OFFICE WEBSITE (VOW) LICENSE AGREEMENT This License Agreement (the Agreement) is made and entered into between
More information