Incident Event and Communications Management Clause Samples

Incident Event and Communications Management a. Incident Management/Notification of Breach - Transfer Agent shall develop, implement and maintain an incident response plan that specifies actions to be taken when Transfer Agent or one of its subcontractors suspects or detects that a party has gained material unauthorized access to Fund Data or systems or applications containing any Fund Data (the “Response Plan”). Such Response Plan shall include the following: i. Escalation Procedures - An escalation procedure that includes notification to senior managers and appropriate reporting to regulatory and law enforcement agencies. This procedure shall provide for reporting of incidents that compromise the confidentiality of Fund Data (including backed up data) to Fund via telephone or email (and provide a confirmatory notice in writing as soon as practicable); provided that the foregoing notice obligation is excused for such period of time as Transfer Agent is prohibited by law, rule, regulation or other governmental authority from notifying Fund.

Incident Event and Communications Management a. Incident Management/Notification of Breach - State Street shall develop and implement an incident response plan that specifies actions to be taken when State Street or one of its subcontractors suspects or detects that a party has gained unauthorized access to Client Data or systems or applications containing any Client Data (the “Response Plan”). It must be approved by management, and have an owner to maintain and review the program. Such Response Plan shall include the following: i. Escalation Procedures - An escalation procedure that includes notification to senior managers and appropriate reporting to regulatory and law enforcement agencies. This procedure shall provide for reporting of incidents that compromise the confidentiality of Client Data (including backed up data) to Client via telephone or email (and provide a confirmatory notice in writing as soon as practicable); provided that the foregoing notice obligation is excused for such period of time as State Street is prohibited by law, rule, regulation or other governmental authority from notifying Client. ii. Incident Reporting - State Street will use commercially reasonable efforts to promptly furnish to Client information that State Street has regarding the general circumstances and extent of such unauthorized access.

Incident Event and Communications Management a. Incident Management/Notification of Breach - State Street will maintain an incident response plan that specifies actions to be taken when State Street or one of its subcontractors suspects or detects that a party has gained unauthorized access to Client Data or systems or applications containing any Client Data (the “Response Plan”). Such Response Plan will include an escalation procedure that includes notification to senior managers and reporting to regulatory and law enforcement agencies, when and if applicable. State Street will use commercially reasonable efforts to investigate, remediate and mitigate such unauthorized access. b. State Street will notify Client within forty-eight (48) hours after it has determined that unauthorized access to Client Data has occurred, unless otherwise prohibited by Applicable Law. In such an event, and unless prohibited by Applicable Law, State Street will provide information, to the extent available to State Street, sufficient to provide a reasonable description of the general circumstances and extent of such unauthorized access, and will provide reasonable cooperation to Client: i. in the investigation of any such unauthorized access; ii. in Client’s efforts to comply with statutory notice or other Applicable Laws applicable to Client or its customers; and iii. in litigation and investigations brought by Client against third parties, including injunctive or other equitable relief reasonably necessary to protect Client’s proprietary rights.

Incident Event and Communications Management a. Incident Management/Notification of Breach - Accounting Agent will maintain an incident response plan that specifies actions to be taken when Accounting Agent or one of its subcontractors suspects or detects that a party has gained unauthorized access to S▇▇▇▇▇ Funds Confidential Information or systems or applications containing any S▇▇▇▇▇ Funds Confidential Information (the “Response Plan”). Such Response Plan will include an escalation procedure that includes notification to senior managers and reporting to regulatory and law enforcement agencies, when and if applicable. Accounting Agent will use commercially reasonable efforts to investigate, remediate and mitigate such unauthorized access. b. Accounting Agent will notify S▇▇▇▇▇ Funds within forty-eight (48) hours after it has determined that unauthorized access to S▇▇▇▇▇ Funds Confidential Information has occurred, unless otherwise prohibited by applicable law. In such an event, and unless prohibited by applicable law, Accounting Agent will provide information, to the extent available to Accounting Agent, sufficient to provide a reasonable description of the general circumstances and extent of such unauthorized access, and will provide reasonable cooperation to S▇▇▇▇▇ Funds: i. in the investigation of any such unauthorized access; ii. in S▇▇▇▇▇ Funds’ efforts to comply with statutory notice or other applicable laws applicable to S▇▇▇▇▇ Funds or its customers; and iii. in litigation and investigations brought by S▇▇▇▇▇ Funds against third parties, including injunctive or other equitable relief reasonably necessary to protect S▇▇▇▇▇ Funds’ proprietary rights. For the avoidance of doubt, Accounting Agent will not be required to disclose information that Accounting Agent reasonably determines would compromise the security of Accounting Agent's technology or premises or that would impact other Accounting Agent clients.

Incident Event and Communications Management a. Incident Management/Notification of Breach - State Street will maintain an incident response plan that specifies actions to be taken when State Street or one of its subcontractors suspects or detects that a party has gained unauthorized access to Client Data or systems or applications containing any Client Data (the “Response Plan”). Such Response Plan will include an escalation procedure that includes notification to senior managers and reporting to regulatory and law enforcement agencies, when and if applicable. State Street will use commercially reasonable efforts to investigate, remediate and mitigate such unauthorized access. b. State Street will notify Client within forty-eight (48) hours after it has determined that unauthorized access to Client Data has occurred, unless otherwise prohibited by Applicable Law. In such an event, and unless prohibited by Applicable Law, State Street will provide information, to the extent available to State Street, sufficient to provide a reasonable description of the general circumstances and extent of such unauthorized access, and will provide reasonable cooperation to Client: i. in the investigation of any such unauthorized access; ii. in Client’s efforts to comply with statutory notice or other Applicable Laws applicable to Client or its customers; and iii. in litigation and investigations brought by Client against third parties, including injunctive or other equitable relief reasonably necessary to protect Client’s proprietary rights. For the avoidance of doubt, State Street will not be required to disclose information that State Street reasonably determines would compromise the security of State Street’s technology or premises or that would impact other State Street clients. Information Classification: Limited Access Lord ▇▇▇▇▇▇ Private Credit Fund Delaware Yes Lord ▇▇▇▇▇▇ Private Credit Funding 1, LLC Delaware No Information Classification: Limited Access

Incident Event and Communications Management a. Incident Management/Notification of Breach - State Street shall develop and implement an incident response plan that specifies actions to be taken when State Street or one of its subcontractors suspects or detects that a party has gained unauthorized access to Funds’ Data or systems or applications containing any Funds’ Data (the “Response Plan”). It must be approved by management, and have an owner to maintain and review the program. Such Response Plan shall include the following: i. Escalation Procedures - An escalation procedure that includes notification to senior managers and appropriate reporting to regulatory and law enforcement agencies. This procedure shall provide for reporting of incidents that compromise the confidentiality of Funds’ Data (including backed up data) to the Funds via telephone or email (and provide a confirmatory notice in writing as soon as practicable); provided that the foregoing notice obligation is excused for such period of time as State Street is prohibited by law, rule, regulation or other governmental authority from notifying the Funds.

Incident Event and Communications Management a. Incident Management/Notification of Breach - State Street shall develop and implement an incident response plan that specifies actions to be taken when State Street or one of its subcontractors suspects or detects that a party has gained material unauthorized access to Client Data or systems or applications containing any Client Data (the “Response Plan”). Such Response Plan shall include the following: i. Escalation Procedures—An escalation procedure that includes notification to senior managers and appropriate reporting to regulatory and law enforcement agencies. This procedure shall provide for reporting of incidents that compromise the confidentiality of Client Data (including backed up data) to Client via telephone or email (and provide a confirmatory notice in writing as soon as practicable); provided that the foregoing notice obligation is excused for such period of time as State Street is prohibited by law, rule, regulation or other governmental authority from notifying Client.

Incident Event and Communications Management a. Incident Management/Notification of Breach - DST shall develop, implement and maintain an incident response plan that specifies actions to be taken when DST or one of its subcontractors if in DST’s discretion it is applicable to such subcontractor, suspects or detects that a party has gained material confirmed unauthorized access to Client Data or systems or applications containing any Client Data (the “Response Plan”). Such Response Plan shall include the following: i. Escalation Procedures - An escalation procedure that includes notification to senior managers and appropriate reporting to regulatory and law enforcement agencies, as applicable. This procedure shall provide for reporting of incidents that compromise the confidentiality of Client Data (including backed up data) to Client via telephone or email (and provide a confirmatory notice in writing as soon as practicable); provided that the foregoing notice obligation is excused for such period of time as DST is prohibited by law, rule, regulation or other governmental authority from notifying Client. ii. Incident Reporting - DST will use commercially reasonable efforts to promptly furnish to Client information that DST has regarding the general circumstances and extent of such unauthorized access to the Client Data.

Incident Event and Communications Management. A. Incident Management/ Notification of Security Incident or Breach - Contractor shall maintain an approved Incident Response Plan that specifies actions to be taken when the Contractor, one of its subcontractors, or SWK suspects, detects, or has reason to believe that a Security Incident or Breach has occurred or that a party has otherwise gained unauthorized access to SWK Data, systems, or applications containing any SWK Data or supporting delivery of Services. Such Response Plan shall include: I. Escalation Procedures - Escalation procedures must exist to notify senior managers and appropriate reporting to regulatory and law enforcement agencies. Contractor shall immediately report to SWK via telephone or email (and provide a confirmatory notice in writing as soon as practicable but in any event within 24 hours) all incidents that in anyway affect the operation of SWK or the confidentiality, availability or integrity of SWK Data (including backed up data), including but not limited to, any Security Incident, Breach, or successful or attempted unauthorized access to systems or networks which contain or provide access to SWK Data.