CitizenDeveloper.com Terms of Service
General Terms & Conditions | Service Specific Terms | Technical Documents | Sales Literature | Notification
A4200 SLA Addendum – Security
Last Modified: November 20, 2018
Sales Literature
Sales literature is not applicable for this SKU.
Service Specific Terms
This Addendum to the Service Level Agreement (SLA) is provided to assure Client’s that their software will always perform consistently and at peak levels.
Most Vendors provide only an Uptime SLA and/or an Availability SLA, and as a result, security issues perceived by the Customer are frequently not covered. CitizenDeveloper addresses these concerns through an additional level of protection for the Client, an Application Security SLA Addendum, that covers performance against a wide range of Security Incidents and subsequent Change Management efforts to insure that the Incident is fully understood and not repeated.
SLA
This SLA exists as an Addendum to the Service Level Agreement (SLA) – Availability, and is subject to the terms and conditions therein.
During the Term of the Agreement for the Covered Service (as applicable, the “Agreement”) and during any period of Availability, the Covered Service will provide the Metrics to Customer as specified in the table below (collectively, the “Service Level Objective ” or “SLO”). If CitizenDeveloper does not meet the SLO, and if Customer meets its obligations under this SLA, Customer will be eligible to receive the Financial Credits described for the period of underperformance. This SLA Addendum states Customer’s sole and exclusive remedy for any failure by CitizenDeveloper to meet the SLO. Capitalized terms used in this SLA, but not defined in this SLA, have the meaning set forth in the Agreement. If the Agreement is the CitizenDeveloper Platform Reseller Agreement, then all references to Customer in this SLA mean Reseller, and any Financial Credit(s) will only apply for impacted Reseller order(s) under the Agreement.
| SKU | SLA | Metric | Remedy |
|---|---|---|---|
| 4200.1 4200.2 4200.3 |
Normal Incidents | Malware Check – 8 hours | Financial Credits |
| 4200.2 4200.3 |
Escalated Incidents | Malware Check – 4 hours Full Security Review – 8 hours Change Controls – 48 hours |
Financial Credits |
| 4200.3 | Emergency Incidents | Malware Check – 1 hour Full Security Review – 4 hours Change Controls – 24 hours Vendor and Tool Refresh – top priority |
Financial Credits |
Definitions and Terms
| Term | Definition |
|---|---|
| Event | During a period of Availability, any detected anomaly on a system within CitizenDeveloper’s root level control is classified as an “Event” and is subject to immediate analysis. |
| Normal Incident | Any event attributable to human and/or malicious cause that does not materially impair operations or affect safety. |
| Escalated Incident | Any event attributable to human and/or malicious cause that represents a “critical” impact on the Application’s function. Escalated events are immediately brought to the attention of the NOC supervisor. |
| Emergency Incident | Any event attributable to human and/or malicious cause that jeopardizes the integrity of stored data, breaches primary controls of the system, violates compliance policies, violates terms under contract with customer, or affects human safety. All Executive Committee personnel (CSO, CEO, etc.) are notified of Emergency events to insure complete organizational cooperation with the containment, eradication, recovery and change management processes. |
Technical Documents
| Title | Link / Definition |
|---|---|
| Technical documents are not applicable for this SKU. |