External Assessments. As each Licensed Respondents continue to receive external assessments from time to time related to their IT and Cybersecurity Program, they shall prioritize reasonable and appropriate corrective actions with respect to identified issues, findings, recommendations, and risks in such audits (collectively, “External Assessment Findings”, and, individually, an “External Assessment Finding”). To the extent the Licensed Respondents disagree with the nature, risk, and/or significance of an External Assessment Finding, including, but not limited to whether the cost of conducting any corrective action outweighs the benefit of such corrective action, the Licensed Respondents may disregard in whole or in-part any External Assessment Finding, and shall document that decision.
Appears in 4 contracts
Sources: Settlement Agreement, Settlement Agreement, Settlement Agreement