Awards shall be made per category: • Category 1 - RISK ASSESSMENT AND MITIGATION SERVICES: Professional services that help organizations identify potential risks, evaluate their likelihood and impact, and then develop strategies to minimize or eliminate those risks, essentially protecting the organization's assets and ensuring business continuity by proactively addressing potential threats; it involves both analyzing potential dangers and taking proactive steps to manage them effectively. • Category 2 - INCIDENT RESPONSE SERVICES: All incident response services must be carried out by trained experts and meet all legal standards. Incident response services assist organizations in detecting, containing, and mitigating damage from cybersecurity breaches or attacks, essentially providing a rapid response to security incidents to minimize harm and restore system functionality when a threat occurs; they aim to identify, analyze, and address security issues quickly, while also learning from past incidents to improve future preventative measures. • Category 3 - BREACH COACH SERVICES: Data breach coaching services involve specialized guidance and support for businesses experiencing or at risk of a cybersecurity incident, offered to help navigate the incident response process and mitigate potential damages. Please note: Any and all legal services on behalf of the Purchasing Entity must be approved by Purchasing Entity at the time the Work Order is executed, some Purchasing Entities may require additional internal approval of any outside legal services. • Category 4 - NOTIFICATION AND CREDIT MONITORING SERVICES: A Purchasing Entity may decide, in its sole discretion, to begin using the services described in the Master Agreement for Notification and Credit Monitoring Services at any time during the term of the Master Agreement and Participating Addendum.
