Risk Assessment Service Cybersecurity datasheet
Page 3
Data sheet
COVERAGE
• Services will be provided during local HPE standard business days and hours excluding HPE holidays.
CUSTOMER RESPONSIBILITIES
• Provide complete and accurate responses to all queries from HPE
• Communicate openly about IT infrastructure governance practices and needs to support their business objectives
• Provide neutral and up-to-date information on in-scope subjects including but not limited to financial budgeting and service costing
structure of the subject, asset protection controls on the subject and general security organization structure, and others
• Assign a contact person to organize project logistics
• Assign a project sponsor and be available for two to four hours per week to discuss logistics, preparation, outcomes, and data gathering
during the engagement period
• Provide access to the right management level (functional management or higher)
• Ensure interviewees are available as per the mutually agreed upon interview schedule
• Provide all requested documents and artifacts as per the agreed upon project schedule and HPE document requests
• Provide subject matter experts (SMEs) as required to clear up any areas of confusion or uncertainty
• Perform other reasonable activities to help HPE identify or resolve problems as requested
• Provide a suitable work area for delivery of the service, including access to an outside telephone line, power, and any network connections required
• Allow HPE all necessary access to all locations and networks where the service is to be performed
• Review and approve deliverables
SERVICE LIMITATIONS
• Limitation of each service feature is outlined in the TABLE 1 . Additional charges incur for any additional services required.
• Assessment finding and any associated recommendations are based on the accuracy and completeness of the information available at
such time, along with the accuracy and completeness of any information provided by the customer during the information gathering
activities of this service. HPE does not warrant that all security risks within the environment will be identified or that any recommended
solution will prevent all identified security risks.
• The entire deliverable documentation created for this engagement will be available in Microsoft Word or PDF electronic format.
• Services are deemed accepted upon performance.
GENERAL PROVISIONS AND OTHER EXCLUSIONS
• Our ability to deliver this service is dependent upon the customer’s full and timely cooperation with HPE, as well as the accuracy and
completeness of any information and data the customer provides HPE.
• HPE reserves the right to reprice this service if the customer does not schedule and provide for subsequent delivery within 90 days of purchase.
• HPE will not process personal data as part of this service.