Executive Breach Simulation
1. Scope of Work.
1.1. Executive Breach Simulation. The Project consists of an Executive Breach Simulation (the Professional Services). Verizon will conduct an Executive Breach Simulation (the Simulation) as a mock incident response exercise for Customers senior executive level audience. The objective of the Simulation is to evaluate Customers existing processes and procedures for responding in real time to a computer security emergency. The Simulation will be based on a mock security emergency scenario agreed by Verizon and Customer in advance (the Scenario, as further defined below), but not known in advance by Customers Simulation participants. Verizon will moderate the Simulation by introducing the scenario and prompting Customer participants for their feedback and participation relative to their respective areas of organizational responsibility. Verizon will then lead the Customer participants through the Scenario. In advance of the Simulation exercise, Verizon will work closely with one (1) to two (2) Customer personnel (Trusted Agents) to define the Scenario, and the objectives, stages and duration of the Simulation. The Simulation exercise will be performed at a Customer location, as further identified in the Engagement Letter. The duration for the Executive Breach Simulation shall be one business day, unless otherwise agreed in writing by the Parties.
1.2. Project Management. Verizon will work with Customer to schedule a kickoff conference call to initiate the Project. Verizon and Customer will collaborate to determine required stakeholders and other attendees and the agenda. Unless otherwise agreed, the kickoff meeting shall be virtual. During the kickoff meeting, Verizon and Customer will collaborate to confirm the Trusted Agents and Simulation attendees, date and agenda for the Simulation, and meeting location. At or before the kickoff meeting, Customer shall provide appropriate on-site authorization documentation (where applicable). An output of the kick off call is an agreement on the resources, dates, times, and locations for the tasks described.
2. Deliverables and Documentation to be produced by Verizon (if any). Deliverables are intended for Customer and Verizon use only. Customer may disclose a Deliverable to a third party pursuant to the Agreements confidentiality terms. Verizon will provide handouts consisting of the exercise slides for the attendees to be referenced during the Simulation.
3. Documentation to be produced by Customer and Customer Obligations (if any). Delivery of the Professional Services by Verizon is dependent on Customers performance of the following:
3.1 Customer will appoint a single point of contact that is responsible to coordinate the Project activities and ensure timely data flow and exchange of information required for execution of the Project within the agreed time frame.
3.2 Customer must provide an overhead projector and compatible overhead projector screens on which to display the overhead projector material.
3.3 Customer must identify in advance the Trusted Agents, who will work with Verizon to define the Scenario and develop the stages, discussion points, and duration of the Simulation.
3.4 Customer must assure the participation during the Simulation of senior executive staff from each of the Customers functional organizations with a role within Customers computer emergency management processes and procedures.
4. Assumptions (if any). Delivery of the Professional Services by Verizon is predicated on the following assumptions and conditions:
4.1 Customer retains responsibility for the implementation of any recommended changes to policies, procedures, applications or devices managed by Customer or associated service providers.