The URL can be used to link to this page

Home My WebLink About24-095 - Info-Tech: Online Workshop - Security Incident Management Program-&y WT UKW--a D Z)e-V-.,I,e I Rj-�Osa- Ch nHe s+ow - Bo - Se V -C% -:—s D- ector --n.com 0 1 88MUM889 ext.31 OUN 2. 202A R - S F A R C H Page 1 of 4 G R 0 U on- tesea- a' D el 4 = rch xes D C%r% e=ra of our ent te-am a' r%s �-n lease so se-mes W yo - and yo -Y D-aSn--nt thiS DrOD.Sa -Or Resea-ch a in duDa tme-t af %C, fv ur --Kw--- ID D'OV MBS VOU v m b S h _-hS__ R en S a- a a ---d Adv_sco- W th access 0 DOWal'I 1_ 0-amos"c foods a-0 K -a -V -asa-a-im ne-D system -a --- We vn- eDar Mal -t S Da-- ormance- IID-O 0 h D V, U max-moze '_hie --MDa-.' of yoUr mee mb e rs _D, we a - =S-- Provide arl Unmatched _moi n-- of m-n.runber s -n-- _m -es4'ions a' any time. Dease UK v have - W of w a. S= a Mev - co-n-veneme __._v a_ U U - - l-_SStODh4_=- ED-- _Mz ----- 4 _0 �I IAO� -88oa e �8 6�7�V xt W Page 2 of 4 n ed G_ h I-Zesearch roum 30,600 HOWalcl H -um -hes Da'KWav S_�n -no _SA - Las Vegas, V U �N 89-169 nfof- --= D_ ed ODOSa. D,er.0- --"-a- C of -Kw-=a AN u o- f;BQ__ --ed uKW-=a- WaS nalon. n to Q81 8&25-4141 r'Ot�,- -D 0- AGO V N W H N 0� CFI R-S`ARC- - \V -C-- kil-M- = = = == 171 Se- -e Start Date. -.-v '2, 2024 Cont -act =e-fi= USh on.a--C roe_B of U KVV--a V Product Description Online Workshop 5 -Day Online Virtual Workshop to solve your most pressing problem Membership Page 3 of 4 Quantity Subtotal 1.00 $23,711.34 fim $23,711.34 Total: $23,711.34 B aDD e A- - s -la -le on "--.s -ocument are -n �,.S�' CI and S D. Payment terms: Payable upon receipt of Invoice Unless otherwise stated, consulting and workshop engagements do not include travel and expenses, which will be charged in addition to the fees listed. Workshops purchased as part of membership expire without refund or credit at the end of the membership period covered by the purchase. Workshops purchased outside membership expire without refund or credit 1 -year after purchase. Please work with your member services representative to select and schedule workshops prior to expiration. Subject to applicable taxes. If your company is tax exempt, please provide a valid tax exemption certificate with the signed proposal. Terms of Use are attached hereto ("Terms of Use"). Unless agreed to in writing, any customer terms, including purchase order terms and conditions, are of no force or effect. By signing this Service Agreement, you agree to pay the fees set out herein annually for the term indicated. This proposal has a definite expiry date of July 12, 2024. Please return this signed Service Agreement to Info -Tech by DocuSign, email cboilley@infotech.com or fax (1-519-432-2506). Please include PO if required. Thank youfor r business! The signature below affirms your commitment to pay for the services ordered in accordance with the terms of this service agreement and in accordance with the Terms of Use. 1191911117111111! MIME= Term Number Invoice Date Invoice Term Start Date Amount 1 July 12, 2024 $23,711.34 July 12, 2024 DS Thomas McLeod Name Title Mayor, city of Tukwila Name Liam Ledgerwood Title Legal Counsel Term End Date Notes July 12, 2025 5 -day Online Workshop — Develop and Implement a Security Incident Management Program L�Mxs USigned by: Signature kG(,t,d APPROVED AS TO FORM BY CITY ATTORNEY 7/2/24 Date 7/10/2024 i 12:33 PM PDT APPROVAL ON FILE. Signature Date July 2, 2024 Page 4 of 4 IlllI iiI ° , I IIIh llf�Zeseaiirclh Girouiqlp°°I°°oiriims of Use Ilrnfo„,,..U...e lhn Illesearch Giroulp Ilrnc,. ("llrnfo„,,..U...e lhn" or "we”) jpirovides pirolpi6e:a iry iirnfoirrna tiioin echirnollo y iresearch, toolls, mm at iriia ll s” and hell ed advilsoiry services to our clillemnU s vila our welb ilte (colIll ctilvelly the "A irvilces "),. A "ClIiieirnt''" its de iimned as the eirntiity that 1pu..uircllhped the sulb ciriillptiiorn seirvilces,...U..Ihe s I eirir s of Use lhn llll The it firemnc d iiirn a salles contract ("Seirvilce Agreement") Ibetweein Client and Ilmnfo,,,,..U..eclhn„ I Ihese ..U... irim of Use state the teirims and coin6tioins under w1hich "you", Ib Ing (as the case imay Ib) a Clkent ind/oir a A"Ueir"° (defined as a user of the 1pulblliiclly av6lalblle Services, or vine or imoire rn« irmned iirn&Midru ll eimlplloyees or relpireseintatives of the Clkent w1ho «sire authorized Iby linfo U.. ch iiirn a Berenice re imrmt o use the irviice that irequ.uiiire 1paid cess)" imay use this welb ilte and the Services, whiiclhn vire the property of Ilirn o U eclh .. Ym.uir use of thii s site and the S'eirvices constitutes 1. Geineirall Use ll?estIriic-diioins U Ihe Services «sire to Ibe used for the Useir's use a rnd Iberne iiU only 1pruir ru int to the teirims aind IkirnitatJoins of the p6id sulbscirilptioin and rrrn y not The disclosed, iii ernes hn U d mem dii tiriilbuted to a my othn it Ip« arty" except as Ilmnfo U e lhn otlhneir ii e agirees in wi6tiing., Flhe User wflIll not 61rcum veint a my erncirylpflorn or othn it ii e g iirn access to Services for w1hich the User Ihas not Ib ern expressIly a irarnted the appropriate rights of access., U..Ihe User willIll irno-t use the Services for or Ikirno iirn lly tir irn i mniitO I11140 U ech oir ullpllo d to any Ilrmfo,,,,U ech site or inetwork any 1111legall, iimm prollpeir oir unacceptable mm at irii ll or use U:heimn for 1111legall, iiirmnprollp it or unacceptable llpira ctlice s lincludiling wilthm.it Iliiirmnii atiioirn the dii s eirmniiin tiioirn of any defamatory, fir u d� ..ullemn , iimnfiriirn limn " Ibu..0 siiv " lewd, olbsceine oir 1porrno it llphlic r at irii ll" vihruses, tirojain Ihoirses, U:iirrrne Iboirnlb " worms, or othn it Ihna irrrrnfu.nll code de ii rn d to iirnU mmrulpt, destroy, mgr lhhrniit the fr u rn U ii o n of any softwaire, Ihn « irdw s ire or communicatioins eq u ii 1p iron int, urn ollii6ted mina s s eirna iilll or othneir iirnteirrnet Ib ped adveirflsing c imp ii rn " pi6vacy breaches, de nii ll of use attacks, s" poo -flim " or iimm p it omna U:iiorn,. 2. Colpyright U..Ihe Services wire @ Ilrmfo.. U ech IResearch Giroullp Inc., All irights ire severed,. U..Ihe Services vire o rn d Iby and colpyrii Ih ted Iby Ilrmfo,,,, U ech and oU:heir pairtiles and may comnU:a iirn trademarks rk of Ilrnfo,,,, U eclhn or othner ,. U Ihney wire 1piro-tec ed Iby Cainadilain, U.S., and linteirmn Uiiorna ll colpyrii Ih t aind Lira d iron irll< laws a rnd coinventJoins., User imay use the Se14c oll lly for Nis or Ihneir owin iirnfoirrnwn doin Ipuirlposes pruir ru int to the teirims aind himital-Joins of the 1pa W sulbscirilpfloin., U Ihe User im y dowinliogid ainy of the S irvii e" toolls or templates for Nis or Ihneir hn&Vi dura ll use, Ibu t Users rrrn y not, a rnd ClIkent must snot 1p irimwn U Useirs to, 6s iriilbute any airticles, tooll " templates or b1luelpi6ints iirnU irrna lllly" subject to the exc 1ptiioi n Ib llo „ • Useirs inn any mnn a lk a si'ling1le colpy of eaclh s1lide, spreadsheet, Ua lb ll „ira 1p lhm u N or Ipo irk: u o mn of -text firomnn the ire s a irclhn cointeint fair hint irirna ll Ipir s intatiioirn purposes, Ilpirovilded that the oirii iiirnall Ilirmfo-reclhn colpyidght notice a::nirnd date of Ip ulblliica tiioirn ireirnallins affixed wilthnout a llt ira iloirn,. • Useirs ima y irnalke as silinglle colpyof ii irn iVid ua ll ireseairclh docuinneints for Ipeir oirn«SII a it h iiva ll Anse,. Useirs mrnay foirwa ird ii irn6vii d uall ireseairclh docuinneints Wl tlhn ii mn eirnlplloyee woirlkgiroulps for de iisiiaamm suppoirt., Useir mmna::ny sk.Abirnit it q k..m t fo r Ip irirnn ii iioirn to colpy or use the ire s a irclhn coirn U: irn U: or ire s a irclhn seirvilces iiirn othn it ways to Ilin-fo-"'Feclh., Flhe Useir irmmay cireate derivative woirlks firom the irvii 's toolls or templates U: airnd dii U:iriilbut these fair iiirntirirna ll .use but mmna::ny irnot dllstirflb�..vte these deirivatilve w oirlk xtirirna lllly for airny coinnim irciiall or ire sall 1p�..iirlposes., U..Ihe U seir im y cirea to deiriiva tilve woirlks firoi nn the Seirviice"s toolls oir teirnlpllates aind dii U:iriilbuto these for ihin eirurvna ll �..mse but im y umnot dii Uiriilbute these deirivatilve woirlks aux eirirn lllly foir ainy coinminnir6a ll or ire a lle Ipuirlposes., irny oUlhm it it 1pirod ua;Uiiomn or 6sseirnnihn Uiioirn of the Se14ices imn « irny foirirnm or Iby « irny imeains its foirlbiidd mn without Ilirmfo U eclh"s w 16ttein 1peirinniissioin, aind Ww tlhnout lhhnniitiing the a gin iralliity of the foir goiing, the U seir W1111 not:: ., irecoird aind ire tir irn irnmit the Service over ainy inetworlk (iincllu&hng « irny Iloca ll airea mn Uwwomlk), except as otheirwise stated a lbovea II3„ �..m se ainy Service hi n a my U ii mes1hma irii n , seiiVr ce Ibu itew..m" Ibu ll1lefl i n Ibo ird oir s ii mrn ii ll it aii-iraingeimeint or Ipulblliic dii 1pllayN C,. post airny Seirvilce to a i ny oU:heir oirnlliiurvne service (iiirnclludiiirn Ib�..mllll fiun lboairds oir the Ilirn eirinet)N I1D., m.mlblliicemn ep Ileac ep ellIIN offer fair alle oir assilgin the eirvii eN air �..mtiillllze hinfo U ech iresea arch tai cireateptirallinp or oU:heirwii e a dva i nce geineirative a irU:iifiiciia ll iiintelllliigince (All), lairge l mn ug innod ll (11.....11.....1 ), irnpn clhmiiirne lleairinihng allgo16thimsor softwaire, « irnd oth eir teclhminollogiic ll iininovatJoins for the production of de16va tiive w oirlk , coinnIpiill floirn " coll1lective eindeavoirs, or a mny otlhmeir Ip uirlpose., II:::::„ �..m say hinfo U eclh"s inainne oir a irny exceirlpts firoi nn the Services iiirn the Ipiroirnnotiioin of its 1pirodd ..icts or services., 3. U seIr Useirs imuU Ibe a ut1h oirii ed to use the Services Iby Ilirnfo U e lhm„ Useirs imuU ima iimnt iiirn aind protect the coin fiidemnUiialliity of a mny Ip wwoird() aind aire ireslpoinsiblle to einsuire that the passwords ira effective., Users lhna Illl advise Ilirnfo U eclhn iiirnnirnn 6a U: lly iii they dii coveir U:Ihna U: U:hehr 1passwoird has Ib ei n compromised, at the foIllowling ix.m irn-n lb it 1....888.... 70....8889.. IIS ym.m vire a irn air a irn ii za tiloirn that its Ipa irU:y to a service agireeinneint with Ilurvnfo.... U eclhn" re-feireinces iiirn these say U eirinns of Use e to "Us ir( )''" iinclude you, and you «sireira spoin iilblle for complkaince Iby mna inned iimn6viid u ll Useirs Ww tlhniimn your oirgmniiza Uiiomn with these Feirinns of Use., 4. Useir 11De1r pectiive 11 or the Ibenefiit of all1l U.0 eir " Ilmnfo,,,,U eclh"s ireseairclh seirvices iincIludes the albilfity for Useirs to (ii) 1pairticilpate iiirn the cireatloin of ire sea irclln Iby cointirillbutling U V Heir perspective fair Ip�.Ablliic tiioirn oin Ilirmfo,,,,U ech"s welb ii U: a ind (iiii) llpa irtiiciilp te iinrvn iiirndustiry peril- iic comirnnuniiU:y girm.ilps aind oUheir foin..iinns Iby conU:iriilb�.Aiin dii m..i s siioirn posts. All such cointirlllb�..Alloins wire volluint iry with full II consent of the Ueir„ IIfyour account its used to cointirflbute cointeint to Illirnfo Fech"s welbsiltes, (coll1lecfl ✓elly" "'UserCoinUiriilb� floirn "")" you agiree to accept solle t poirn iilbiilliity for those User Coin Uiriilb� floirn " lincIludiing the iiirnfoirinna UJoin" statements, facts, irn irnna U irii ll coirnta iiirned ilin « irny foirinn or innediiuryn (e.g., text, a u6io" viid o" aind 1p1h oto it 1plhnii) Ulhneir6iirn,. U o the exteint U seir oirntinilb�.A my f edIb clk to Ilin-fo,,,..F lhn (as User Heir Cointiriilbutiion or otherwise), Ilirmfo,,,,..F lhn irmn y use that feedlba clk to assess, iiimprove" aind mnna irket !I-ts 1pirod�..ic s. 1 o,tlhe ex trot Useirs cointirilbuteto ireseairclh, Ilirmfo,,,, U eclhn minay lincoirlpoiratethose cointirilbutloins wiitlhniiirn the iresearch irvii e withou-t he inecessilty of a tiriib.Aiiomn,. You giraint us aind ouir affillfilates a woirlidwide, iinnmevoc IbII N moy llty fine" inoinexch..isive Iliicein e o use, reproduce, rime d irilvatiive works of, dilstirillbute pulblliiclly dii pIl y" aind 1pmulbllii lhn User Cointirilbufloins.Yo You agiree you W1111 mnot attempt to einfoirce ainy so ca llll d "innoir ll irights"' iimn User CoinUiriilbu floins ag6linst us or our affillfilates. I1:3y usiling Ilmnfo„,,U eclh's ireseairclh services,you agiree that noine of your User Cointirflbufloins wflI1::l • linfidinge oin the iiintell Ilect u ll property, tirade seciret, p6vacy, Ipulbllii ty” or othn it 16ghts of • contain fallse stateimeintsor imilsirelpireseintatioins that co ulld d image lmnfo U e lhn or any tlhniiird 1pirty, • lincIlude olb c rn " Iliilbellomu " defa mrnatoiry" tlhnire teniina " hairassing, a lbm,u iiv " Ihn t full" xu lllly explk6t, sexuallIly orifi nt d, 1pirof im " or einnIbainrassing im t rii ll" as d t nr6ln d Iby Ilrmfo,,,, U eclhn !!in its solle dllscr tiion� • Ibe 11legall or othneir ii e ob ecdoirnalbll , Is cointaiin the e 1pe it o i n ll ii mn fo irmrn a t ii o i n of a ny U:Ihn ii ird 1p irty" ii mn c ll u 6i mn " without Ihl inn ii to t o i n" addiresses, 1plhnomne rn u mrrnlb it " eirnn«dill addiresses, So ii ll Security mn mu in n lb it " aind ciredit caird irnm,uirmnlbir • eincouirage or facillitate iiirn iideir tira6ling or « irnUii oirrr peflOv Ibelh avvioir� • lincIlude coinninneirciall adveirtiseinneints or solh6tafloinsp.. or • 1puirllpoirt to oir a c'h..ia lllly Ipiroviide legall or llpmofe s siioi n ll advice. I1:3eca se Ilrmfo,,,, U clhn" s W lb antes wire availlialblie -to the Ip�.flblliic" User gem Contiriilbutlon oin Ilrnfo U eclhn" s Ib antes wire snot Cornfiidei nU:ii ll Ilnforirnn tilon,. Iltlh o u lhn you «sire sollelly respoinsHbIle for the cointeinU you provide rnd we do mnot Ihave a pollii y of revilewiling or innoiniltoiriling all1l Useir Contiriilbutiionn s" we ire saints the irii lhnt to 1pire- circ irn ind/oir irmnomniitoir U..0 eir Comntirillbu tiiomn „ IIS we become awaire of User Coin-tirillbutiloins that viiolla to these U eirinns of Barth s or that we belfieve to Ibe otlhn it lse ob ecfloina lblle" we imnay reject or d Il t them, or talke talkotlhneir actJoin, without inotice to you aind iirn our solle 6sciretiioi n„ IIf you belhleve that any User Cointirflbufloins appear to viollate these Feirinns of Service, or iii you Ibelheve any otlhneir user its eingaged iimn iilllle all, hairassing, or object i oinlb Ile Ibelhna viloir" ".. ®lid ...... If.::- it II Irk f o Ire iii e Ire t ii II II Ire o Ir IrI� li o Ire Ilia these Feirim of Use "Coin f iid mnfl a ll Il info irmnn a U ii o mn " imeains i mnfo irmnm a U ii omn of a coinnimeircially seinsiitive or Ipirolpirii Dairy c1hairacteir that its imairlked as coinfiidemnUiiall or that a area omnalblle Ipeir omn would understand to The oinff deintiiall.. U IIS A"I.N� scllosihn If.'..)airUy" its the 1pairUy 6scllo iin Coin fiid mntiiall Ilmnfoirmnmafloin and the llle 6viimng If"airUy"° its the Ipairty ireceiVhng CoinfideintJall IlmnfoirmnnaUiiomn„ Il loweveir, Coinfiid mnUiiall Ilmnfoirmnnafloin does mnot include iimnfoirmnnafloin Ulhnat:: • was ihin the pulbIlic doirnaiin atlhme tiimnme of of nirmmu.nnii afionn tem the IReceiiviiin 11=,lairty or lis Ilan: it Iplaced iiirn the pu.AbIllic doirnnaiinrvn Iby tIhmaID11 clo iinrvn IFlairtyN • anrvntfired the Ipu.ublliic doinnaiinrvn thmirm.0 lhm irno fau llt of the IReceiiviiirn 11='lairty m.flbsequeiintto the t1inn of dlisclom.ire Ilhair u..uirndeir to the IRec iiviiirn IFlairty� • was ihin the IReceiiviiing Flairty's 1possessiloin firee of any olblil atloi n of confidence Ipirloir to disclosuire Ilhair u.nnd irk or a was developed Iby aimlplloy a s or a anrvnt s of tlhma f3.acaiiviiin 11='lairty ihind 1penrvnd mntlly of aind ilthmouU irefeireirnce to airny Coinfildeintlall Ilirn oirimatiioirn,. U Ihe Rec iVhn If..)airty slhallll inot disclose, Ipulbllii lhn or coirninnuiniicate the Coin fiid mnflall IlmnfoirimaUJoin to any U:I hrd IpairUy without the p6oir wirittein coinseint of the IDii cllosihng If"airty,. 11 loweveir, the IlReceiVhng 11)airUy imay disclose the Coin fid mntiiall IlmnfoirimnaUJoin to a U:I hrd Ipairty w1ho Ihas a coned to Ikinow the Coin fiidmntiiall Ilmnfoirmnnatiioin aind (ii) its an a co uin amnU" attoirmn y" uindeirwi6teir or advii om u.umndeir a duty of coinfiid mntiialk y� or (ii) its u.umndeir a wirittein olblk atiiomn of coinfid intiialk ty at Ilea t a iresti6ctive as these U eirims of Use aind to the extent iregOired Iby law., Ilirmfo.... U ech mmnay create or use airnoinymnniized data for Ipuirlpo a s such as Ib irnchninrnairkiiirn p airnallytiic s" aind othm it good fall-th Ibu silinrvnass Ipu..uirlpoyes,. Ainoinyinnilzed data its irnot the Coinfiidanrvmtlall Ilin oirinnatiioin of V U Heirs„ Clill int coin lirmnn s iii: Ihas expressconsent tem s1haire Its irnnlplloya ihinfoirirnnatloi n wilthm Ilirn o U aclhn,. . Te Ir Irn IMamny of the Services air "" mulb iriilpfloin" sei4cesthat Ihave a fixed U eirim aind must The it con ed iimn wiriting at the eind of the Ueiri m for seirvices to cointiinmu ,. Cointiractuall teirims of inn imlbeir lhniilp aire gcon iralllly imu llflIplle years film Ilemngtlhm and agireed to Iby the pairties lm wi6tJhng. 1r oirlkslhmolp Ipuircha sed as Ipairt of mmmammmlb it hiilp explire wilthout irafuirnd air cir diit at the eind of the imm imbair shillp Ipairliod covair d Iby the Ipu..umclhma a,, Workshops Ipu.umcllha sed ou..mtiida inammmlb it lhmiilp exlpllire without t it fu.unrvnd air ciradiit onrvna (U) yaair after Ipuircha s .. Ilirn o U eclh mmmay tairimiiirnata U D Heir" s access at ainytilinne iii the U D Heir or Clill int vlollata s the teirims of use air sulb sciriilptiioirn or any othmeir agreement nU iithm Ilinfo U e Ihm,. 7. Caincelllatilion Ain executed Service Agireeirneint irnmay inot Ibe teirmnnih naU d for coinveiniieince. Clkeint irnmay U irmnnih naU a Service A re m e nt ii con the eveint nU U lhn a t:: (a) Il in-fo... U ech chainges air dii coin l irnua s Seirvilcesp.. aind (b) u..um;lhm c1hainges or discointinuaince inatei6alllly affects the U seir" s use of the airvii e � aind (c) CIliiemnt or User notifies linfc I ech of tINis mnm t irii ll a ff ctN amend (d) Ilmnfo„,,U ech !is �.nn IlIIIIIirn or uirna lblle to it veir e such ch inges wilthlin 20 busliness days,. . Chainges Ilirnfc,,,,..I... clln tirliv to iimmincva e.. Ilu~mfc,,,,..U...eclhn imay upda ep �..ijpgirade or otheirwilse chaincir dli ccmntilim..m ccnrvn'teirn p eaUuire s cir cU:heir aspects of its Services. Ihinfc I eclh wIIIIII inch innalke c1hainges that cuirmnulla tiiv lly d gira de the qua lliity of a 1paid sulbscirillptloin to the eirvilc „ Ilurvnfc,,,, I eclhn allso ireseirves the i6ghmU to clhm« irn e the teirims amend coin6lfloins a lU plhicalblle to your use of the Services, unIless l irn fc Feclhn Ihas otheirwise ag ireed ilin a SeiMlce A ire irnm mnt., Use of the SeiMlces after such c1hainges s1haIIII The deeinned to Ibe acceptance pta nc Iby User of such clhma nges., I Ihese teirim wain last irevii ed cirn 11 elbiru«airy 26, 2024., . Accu Ir cy of II in fo Ir Irn t 6 o n a ind Wa irira in ty U Ihne iiirnfcirima tloin count iiirned !!in the Seirvilces IhmaIbeemm obtained fircirn sources bellileved to Ibe it lhia lbll , Ibut Ilirnfc Fech does irnot wairraint the complieteiness, tJimelfiliness or accuracy of « irny iiirnfcirinn« tJoirn count iiirned ilin the Services., U Ihe Services «sire iimnteinded to:: Ih ellp lid irntJify business hi lks� provide iinsilglhts lbased cirn iiirndus iry ire airclhm, amend to Ih ellp you focus oirn ceirt6iirn irnmatteir Ihmiiclhm irnmay Ibe affecting your busiliness.. Ilirmfc Fech does inot provide Ilegall, accouintJling or othmeir jpirofessiloinall advice, inoir s1houlld any advilce fircirnm Ilirmfc Fech Ibe construed as such., W eincouirage you to seek jpirofessiloinall advilce w1heineveir necessairy., Ilmnfo„,, U ech expressIly exclk.ides amnd 6iscli6lims aIIII express cir ilial 1hed ccurvndiiU:iicurvn , irelpire s mntaU: oin s a urvnd wairirain-tiles hinch..mdilin , wilthm.rt Iliiirmmii atiicinp amny iiirmmpllii d airiraintlies or coindlitloins of irmn irchaintalbiilliiU:y cir fitirne s s fcir a” llpairU:iicullair Ip�..mrlpc e, to the ex eint allllowalblle Iby Ilaw IhU:hough Ilurvnfo,,,, U eclhn takes rea scunalbll telp tem scire irn Services fcir l inf ctiicmn Iby viliruse s, woirimm p ..U..irojan Ihoirses cir cU:heir code imainifestling cointaimilinatiling cir dest ru ct live properties Ib fcire imalkling the Seirvilces avalllalblle, linfo U eclh camninot guairaintee that any Seirvilce wIIIIII The fine of linfectiicn,. User assuinnes solleit lUmc mm ii lb ii lhi ty for the II c t ii o mm of the SeiMlces to achieve ii ev iI ii conte in d d res uIIU ,. U Ihe ojplinioins expressed iimm the Services «sire subject to clhman e without notJlc ,. Ilmmfc U eclhm does mmcU eindoirse th lird 1p irty products or seiMlces.. Ilmmfc U eclhm assesses amend amorally e the ff ctiiv mm and appirophateiness of iimnfoirmrna U: oin U clhmmmollc y limen the context of a gmm ira ll Ibusiliness einviliroinirneint cmmlly uinliess spe6ifilcalIlly Kired Iby a User to assess iimm the cointext of t1h 61r c orm mmviiircmminneint_ 10� 11 innitation of 11........6 a Ib6IIiity Ilirn irnc eveint !is Ilmnfic,,,,..U..ech Iliialblle for auny pecliall, iimndilir c p coin eque n liallp iimncildeintallp cir jp�..mirnii lv damages Ihowev it causedp whhelm it limn ccntirac , U:cir p inegfigeince, strict IliialbiilliiU:yp cpiratiicmn of Ilaw cir cU:heirwii p (IlincIludling without IhimiiU:aUloirn dairnna e s fcir host llpircfisp Ib�..m siiune s s ihinU: irmn..mlptiicurvn or Ikea a i6 iina out of the use of or iimma lbiilliity to use the Sei4lces, or any iimnfcirinaUiicmm jpirovild d limn the Services, cm c1laiinns attirflbutalblie to eiriroirs, oirnissiloins or othn it linaccuira6les imen the Sei4lce or hint irlpir tafloirvn U:Ihn irec N evein iii Ilmnfc,,,,U ech Ihas b ein advised of the 1pc s HbiiIhty of such dairnages., Ilmnfo....11 ech's totall Il iia lbiill ty shall1l iiia mno event exceed the airnouint paid Iby the CIliiemnt for the Service iiirn question., User and CIlii irnt a ck no ll d e that Ilmnfo....0 ech Ihas set its prices and ollId the erviic to !It lin irelliia irnce on the III! imiiU:a U:iion s of Iliia lbiilliity and dii cliaiimm eirs of wainraintiles and daimages sell: foirth Ih ireiiirn, and that the sairne -foirim a fu ndamm e nU:all and e s s irntiia ll lbasiis of the Ibair aiimn Ibetweeirn the Ipa it le s.. U Ih y shallll a 1plplly even if the contract Ibetween the CIlii irnU: and Ilirn o U ech !is found to have fa filled iiirn !Its funrvnda irmnenrvnU:a ll oil- essentiall Ipr..iirlpo s oil- has Ib been funrvndairmnenrvnU:alllly Ibm a clhn d,. I...I , 11........[1 in ks o ....TIh 61r .....11" a it ty ii.te Any thlird 1pa irU:y sites that vire Iliiirnked to the Seirvilces vire not r.nrvndeir Ilirn o U eclh's conrvnU:iroll.. Info U.. ch is nrvno t responsillbIle foil° ainythiling oirn the II ii nrvn Iked sites, ii irn llud ii nrvn ii U:hou U: II ii im ii tai tiioirn any content, Iliimnk s to otheir sites, any changes to those ssites, oil- any pollilciles those sites mmnay Ihna ve.. Il irn o U ech provides Illinlks as a convenience o irn lly a nrvn d such Illinlks coo nrvn of ii mmn 1p lly any irn d o it s irmn irn't "12, Ili nvestIrnein-t Advice U Ihe Services «sire not intended to Ibe used for the Ipmuirpo of, or as a llbasiIs foir, ima lkiimn iinvestimeint deci6bins or recomimeindatioins with respect to secui6fles of any company or ii in d m u t iry aind Il mn fo......Fec lhn assumes no IH a INI IhI y for de6sioins mrrn d e, ii mn w1holle or ii mn Ip irt, o mn the llbasiIs of any iimnfoirimadomn coin4hned iimn the Services., "13. G ®ve Ir in II in g 11........E U INIs siItemnd ainy seirvice agreement «sire goveirined Iby the laws of the State of Washington, excllmudiimna any coinfIhIcts of law jpiroviIsioins and excllmudiimna the U*liniiU d Natioins Convention omn Contracts for the Ilmnteirmn tJoinall Salle of Goods,. Arany legall actioin agaiinst Ilmnfo....0 eclhn slhallll talke Ip1lace imn the comuir- of 11-61ng Couinty, WasKimngtoin,. U Ihne pairties attoirin to the mnoin excllusfIve ju.nirii dii flim of the couirts of 11.61ng County, Washniimngtoin„ .14. I[::::::: Irk V:: ii Ire A Ir e Irn e Irk [. I Ihese staindaird U eirims of Use, together WIth ainy seirviice agreements and statements of woirlk, iia coned Iby the Ipa irUiie contains the coimlpll to aind excliusive stateimeint of agireeimeint betweein the Ipa in ii rand supersedes a ll ll Ipuirclhase oirdeir t.eirirns aind coinditioins, undeirstain6ings, Ipiroposalls, inegotiadoins, relpireseintafloins or wainrainfles of ainy Ikiimnd wlhetlheir wirittein or oira ll.. 15. II Ir Eva cy User's irli lh t -to privacy its of Ip it irmnm.0t iiimpoi rtamnce to Ilnfo....,..U...eclhn,. See ouirIP-jvo I gIllly� -foil- more foil° mm ore dela fill.. U he identity of ouir iresearch cliii irnt!is incairn siidem d 1peir soirna�ll ora conrvnfiid irntiiall information, and use comma y dliscIlose that iimn oirmmna tiiomn fora promotion and imairIketiling Ipr..iirlpo s .. "16. oin"Lac't Il infoirlrna-tioIn Attim: Geneirall Couinsell 11 eg all @ 11 in-fo tec Ih., co im 8889 I o1I1I I::::"iree US:: 1 888 6''70 folI1111 iree CAIN:: 1....844....6..18....3..1 . linteirina-floinalL 11 1 519 432 3550 WORKSHOP ENGAGEMENT This document is governed by the Service Agreement (or MSA) that has been signed by City of Tukwila and Info - Tech Research Group on (Service Agreement Signature Date). Changes to workshop dates, as requested by the member, with less than 30 days' notice prior to the engagement are subject to a $5,000 USD rescheduling fee. All rescheduling and cancellation fees are the responsibility of the signing member unless the cancellation or rescheduling is a result of a force majeure event. Workshop Engagement: Develop and Implement a Security Incident Management Program Prepared for: City of Tukwila Date: June 19, 2024 WORKSHOP ACTIVITIES AND OUTPUTS Phases: Establish the Identify Escalation Paths & Runbook Finalize Documentation Foundation Prioritize Incidents Development Duration* 1 Day 1 Day 1 Day 1 Day Activities across phases may overlap to ensure a timely completion of the engagement Projected 1.1 Formalize stakeholder 2.1 Understand the incident 3.1 Develop specific 4.1 Determine key metrics Activities support. response process. runbooks for your next to track and report. 1.2 Assess your current 2.2 Develop general and top -priority incidents: 4.2 Develop post -incident process, obligations, and incident -specific call escalation Detect the activity documentation. scope. trees. incident. 4.3 Understand best 1.3 Develop RACI chart. 2.3 Develop specific runbooks Analyze the practices for both internal 1.4 Define impact and for your top -priority incidents incident. and external scope. (e.g. ransomware). Contain the communication. 1.5 Identify key players for Detect the incident. incident. 4.4 Finalize key the threat escalation Analyze the incident. Eradicate the root deliverables created protocol. Contain the incident. cause. during the workshop. 1.6 Develop a security Eradicate the root cause. Recover from the 4.5 Present the security incident response policy. Recover from the incident. incident response program 1.7 Develop a general incident. Conduct post- to key stakeholders. security incident response Conduct post -incident incident analysis 4.6 Conduct workshop plan. analysis and and executive presentation 1.8 Prioritize incident- communication. communication. and debriefing. specific runbook development. Projected ■ Security Incident ■ Understanding of incident- Incident -specific ■ Security Incident Outputs Management RACI Tool handling process runbooks for two Metrics Tool ■ Security Incident ■ Incident -specific runbooks incidents (including ■ Security Incident Report Management Policy for two incidents (including threat escalation Template Template threat escalation criteria criteria and Visio ■ Root -Cause Analysis ■ General incident and Visio workflow) workflow) Template management plan ■ Discussion points for review Discussion points for ■ Communication plans ■ Prioritized list of with response team review with response■ Workshop summary runbooks team documentation Workshop Engagement — Info -Tech Research Group Inc. Page 1 of 2 Develop and Implement a Security Incident Management Program NotesThe engagement deliverables will be in PowerPoint format unless otherwise specified by the workshop facilitator. ■ The engagement will be conducted over 4 consecutive days within a 1 -week period. WORKSHOP LIMITATIONS The completion of the deliverable is highly contingent on the availability of required information and participation from key subject matter experts; Completion of the roadmap will be a continuous and ongoing effort for your organization to: • Apply the methodology to other business units, and; • Maintain the roadmap as business and technology evolve. Given the brief timeframe of this engagement, it shall not be expected to include: • Detailed business cases for recommendations; • Follow up activities such as re-platforming, upgrading, or consolidation; • Detailed work -plans for recommendations and change management/communications; and • Detailed governance policies. LOCATION AND DATE Location: Online via Microsoft Teams Video Conferencing Platform. • For online workshops, participants must be using their own laptops and join individually at their own workstations. • For onsite workshops, participants must join each session in-person. Workshop Start Date: To be confirmed via email upon receipt of the executed document. APPROVAL OF WORKSHOP AGENDA City of Tukwila Info -Tech Research Group Inc. Signature Signature Name: Name: Title: Date: Title: Date: Workshop Engagement — Info -Tech Research Group Inc. Page 2 of 2