CISO-as-a-Service Agreement

1. PARTIES

Domain Computer Services, Inc. for good and valid consideration agrees with you (hereinafter called “Customer”) to furnish certain security advisory services known as CISO-as-a-Service (CISOaaS) as provided in this Agreement.

2. introduction

WHEREAS, Domain Computer Services, Inc. is in the business of advising companies on computer and network relatedsecurity and risk.

WHEREAS, Customer desires that Domain Computer Services, Inc. provide guidance and advice on the informationsecurity policies and risks in the Customer’s environment.

NOW, THEREFORE, in view of the covenants herein contained and the agreements hereunder taken, the parties heretoagree to as follows:

3. payment

    a. Initial Technology Audit Fee. There is a one-time assessment fee to establish a baseline for the customer’s current information security risk profile and status prior to start of services. See your approved quote for details.
    b. Set Monthly Fee. Payments shall be made based on a set monthly fee as described in your approved quote. Invoices shall be processed and mailed on or about the 15th of each month by Domain Computer Services, Inc. for the following month’s service. Payment for services rendered shall be paid and delivered upon receiving said invoices by Customer.
    c. Travel. After initial install all support and guidance will be provided remotely. If onsite support is requested or required, travel expenses and travel time will be charged to Customer outside of Monthly Fee. The exception is four quarterly onsite security review meetings which are included in the Monthly Fee.
    d. Interest. All payments are due within fifteen days of the date of invoice. Any payment not made in a timely manner shall bear interest at the rate of one and one half (1.5%) percent per month or fraction thereof, from the date of delinquency until the date of payment.
    e. Sales and Use Taxes. Customer is responsible for the payment of any state or local, sales or use, or similar fees or taxes arising as a result of the sale of tangible personal property, the provision of services, or both by Domain Computer Services,Inc. to Customer under this Agreement. Domain Computer Services, Inc. may invoice Customer for such fees or taxes and Customer shall promptly remit such fees or taxes to Domain Computer Services, Inc., as the collection agent, upon invoice.The failure of Domain Computer Services, Inc. to invoice Customer for such fees or taxes and shall not relieve Customer from the responsibility for the payment of such fees and taxes. Customer agrees to provide to Domain Computer Services,Inc. proof of Customer’s payment of any such fees or taxes upon request.

4. CISO-as-a-Service (CISOaaS) – included services

The CISOaaS solution consists of the following components:

a. Assistance in designing and maintaining an Information Security program for the Customer

b. Assistance in evaluating and managing compliance requirements and risks

c. Templates for required policy and process documentation as needed for compliance requirements (HIPAA, PCI, SSAE16,SOC, etc)

d. Unlimited remote support – on demand advice and guidance on management of the Information Security program as needed

e. Quarterly Information Security and Compliance gap analysis reports

f. Quarterly internal and external vulnerability scans

g. Quarterly Onsite Meetings to review included Information Security and Compliance gap analysis reports

h.Optional – ongoing compliance validation/alerting – ONLY IF Customer signs up for optional 24/7 Network Monitoring services

5. customer cooperation

Customer shall provide reasonable access to its premises and network installations to enable Domain Computer Services, Inc. the opportunity to provide the CISOaaS services. Customer acknowledges that since the network equipment is in their physical control they must hold all responsibility for their care and well-being. This means protecting them from abuse when possible and securing them from improper access or other physical threats. Network, server, or computer maintenance and support is NOT covered under this service offering. Optional network monitoring is highly recommended to validate compliance on an ongoing basis. Customer also agrees to assign one employee to be Liaison or contact person to Domain Computer Services, Inc. in order to make communications between both parties effective.

Customer will not attempt to hire Domain Computer Services, Inc.’s employees or contractors directly as its own staff or refer to any 3rd party for employment. If Domain Computer Services, Inc. staff are employed or utilized in any capacity by Customer outside this agreement the damages due to Domain Computer Services, Inc. from Customer will be equivalent to one year’s annual compensation for the Employee. Additional penalties and damages from Employee to Domain Computer Services, Inc. may also be due.

6. confidentiality

a. Domain Computer Services, Inc. agrees to keep in confidence and not disclose to others any sensitive or confidential material of Customer, its’ marketing strategies or other trade secrets.

b. Customer and Domain Computer Services, Inc. shall take all reasonable precautions to maintain the confidentiality of the Customer’s Technology System and data, but not less than that employed to protect its’ own proprietary information.

7. warranties and disclaimers

DOMAIN COMPUTER SERVICES, INC. MAKES NO WARRANTIES OF ANY KIND, EXPRESSED OR IMPLIED ON ITS’ OWN REGARDING THE FUNCTIONALITY, RELIABILITY OR QUALITY OF HARDWARE, SOFTWARE OR SERVICES, BUT INSTEAD RELIES ON THE WARRANTIES PROVIDED BY THE MANUFACTURER OF EACH PRODUCT.

8. limitation of liability and remedies

UNDER NO CIRCUMSTANCES SHALL DOMAIN COMPUTER SERVICES, INC. BE LIABLE FOR SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING, BUT NOT LIMITED TO, LOSS OF ANTICIPATED PROFITS, OR LOSS RESULTING FROM BUSINESS DISRUPTION DUE TO ANY REASON, EVEN IF DOMAIN COMPUTER SERVICES, INC. HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. RISK OF DATA LOSS, BUSINESS INTERRUPTION OR LOSS REMAINS WITH CUSTOMER. THE MAXIMUM DAMAGES DUE ARE LIMITED TO THE FEE PAID FOR SERVICES IN THE PREVIOUS 3 MONTHS.

THE STATED WARRANTIES AND THE COMMITMENTS SET FORTH HEREIN ARE IN LIEU OF ALL OTHER OBLIGATIONS OR LIABILITIES ON THE PART OF DOMAIN COMPUTER SERVICES, INC. FOR DAMAGES OR OTHER RELIEF, INCLUDING, BUT NOT LIMITED TO, SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES THAT IN ANY WAY ARISE OUT OF OR IN CONNECTION WITH THE USE AND/OR THE PERFORMANCE OF ANY SOFTWARE, HARDWARE OR SERVICE.

9. defaults and termination

a. Capital Events of Default

    1. Domain Computer Services, Inc. shall be in default under this Agreement if any of the following occur:
    i. Domain Computer Services, Inc. becomes insolvent or is a party to any voluntary bankruptcy or receivership proceeding, makes an assignment for a creditor, or there is any similar action that affects the affairs or property of Domain Computer Services, Inc.;
    ii. Domain Computer Services, Inc. is the subject of a petition or involuntary bankruptcy and such petition is not removed within ninety (90) days;
    iii. Domain Computer Services, Inc. fails to materially perform or comply with the terms and conditions of this Agreement.
    2. Customer shall be in default under this Agreement if any of the following occurs:
    i. Customer fails to make payment of any undisputed invoice within thirty (30) calendar days after it is rendered;
    ii. Customer fails to materially perform or comply with the terms and conditions of the Agreement.

b. The initial term of this Agreement will be for one year following the contract coverage start date of this Agreement per the approved quote. This Agreement shall renew for additional one-month periods unless either party gives written notice of non-renewal in the last month of the term. Early termination will require immediate payment of remaining monthly fees due for term of agreement.

c. Termination of Notice. The party not in default may terminate this Agreement by written notice to the other party if the other party has failed to cure a material default under this Agreement within thirty (30) days after receiving written notice specifically stating forth such default. Upon termination, the terminating party shall have all rights under the Uniform Commercial Code or otherwise, whether at law or in equity, that may be available to it. The election of one remedy shall not exclude the election of another.

10. governing law

This Agreement shall be governed by and construed in accordance with the laws of the State of New Jersey.

11. assignments

Neither this Agreement nor any rights hereunder may be assigned or otherwise transferred by either party, except to any corporation controlled by or under common control with the assigning party, or in connection with the acquisition of, or the sale of substantially all of, the assets of the business to which this Agreement pertains.

12. severability

If any provision or provisions of this Agreement shall be held to be invalid, illegal or unenforceable, the validity, legality and unenforceability of the remaining provisions shall not in any way be affected or impaired thereby.

13. force majeure

Domain Computer Services, Inc. shall not be in default under this Agreement because of any failure to perform in accordance with its’ terms and conditions if such failure arises from causes beyond its’ control, including, but not restricted to, acts of God, acts of government, fires, floods, epidemics, quarantine, restrictions, strikes, embargoes, inability to secure raw materials or transportation facilities, acts or omissions of carriers, or any and all causes beyond control of Domain Computer Services, Inc.

14. modifications

This Agreement can only be modified by a written Agreement duly signed by authorized representatives of Domain Computer Services, Inc. and Customer, and variances from or in addition to the terms and conditions of this Agreement in any order or other writing from the Customer will be of no effect. Moreover, in order to avoid uncertainty, ambiguity and misunderstandings in their relationships, Domain Computer Services, Inc. and Customer covenanted and agreed not to enter into any oral agreement or understanding inconsistent or in conflict with this Agreement; and Domain Computer Services, Inc. and Customer further covenant and agree that any oral communication allegedly or purportedly constituting such an agreement or understanding shall be absolutely null, void and without effect.

15. notices

Any notice given by either party hereto to the other party shall be in writing and shall be signed by the party giving notice. Any notice or other document to be delivered to either party hereto by the other party shall be deemed delivered if mailed
postage prepaid to the party to who directed at the address of such party stated below for Domain Computer Services, Inc. & for the Customer will be per the approved quote.

Domain Computer Services, Inc.
1 Corporate Drive
Cranbury, NJ 08512

16. venues and jurisdiction

Customer hereby (i) agrees that any litigation, action or proceeding arising out of or relating to this Agreement be instituted in a state or federal court in the city and state of New Brunswick, New Jersey (ii) waives any objection which it might have now or hereafter to venue of any such litigation, action or proceeding, (iii) irrevocably submits’ to the jurisdiction of any court in such litigation, action or proceeding, and (iv) hereby waives any claim or defense to inconvenient form.

17. counterparts

This Agreement may be executed simultaneously in several counterparts, each of which shall be deemed an original but which together shall constitute one and the same original.

18. entire agreement

This Agreement constitutes the entire agreement between the parties with respect to the subject matter hereof and supersedes all prior contemporaneous written or oral agreements and representations between the parties with respect thereto. This Agreement shall not be deemed to extinguish or mitigate any payments, which are owed to Domain Computer Services, Inc. by Customer pursuant to the terms of any previous or other existing agreements between Domain Computer Services, Inc. and Customer. Customer acknowledges that it has read this Agreement, understands it and agrees to be bound by its’ terms and conditions.

19. collection

If it is necessary for Domain Computer Services, Inc. to employ attorneys for the collection of amounts payable hereunder, all costs and expenses incident to such collection, including without limitation, reasonable fees of such attorneys, shall be added to the amount payable hereunder and be collected as a part thereof.

20. captions and headings

The captions and headings are inserted in this Agreement for convenience only, and in no event be deemed to define, limit or describe the scope or intent of this Agreement, or of any provision hereof, nor in any way affect the interpretation of this Agreement.

21. execution

IN WITNESS WHEREOF, the parties have hereunto set their hands and seal this day per the approved quote.