TABLE OF CONTENTS


Clause number and description		Page


1.	PARTIES	4

2.	DEFINITIONS	4

3.	INTERPRETATION	8

4.	INTRODUCTION	10

5.	APPOINTMENT	11

6.	DURATION	11

7.	THE SERVICES	12

8.	IA SERVICES AND SOX PROJECT	12

9.	IT SERVICES	12

10.	FEES AND PAYMENT	13

11.	LIMITATION OF LIABILITY	13

12.	OFFSHORE SHIPPING GROUP ASSISTANCE	14

13.	NON-SOLICITATION	14

14.	BENEFIT OF CERTAIN PROVISIONS	15

15.	FORCE MAJEURE	15

16.	CONFIDENTIALITY	15

17.	NATURE OF THIS AGREEMENT	18

18.	RECIPROCAL WARRANTIES	18

19.	BREACH	19

20.	NOTICES	20

21.	APPLICABLE LAW	20

22.	DISPUTE RESOLUTION	21

23.	JURISDICTION	22

24.	CO-OPERATION AND GOOD FAITH	22

25.	CESSION AND DELEGATION	22

26.	WHOLE AGREEMENT, NO AMENDMENT	22

27.	SEVERABILITY	23

28.	INDEPENDENT ADVICE	23

29.	GENERAL		23

30.	COSTS AND TAXES		24

31.	SIGNATURE		24



Annexure A		COMPANY SECRETARIAL SERVICES	26

Annexure B		IA SERVICES	27

Annexure C		IT SERVICES	28

Annexure D		IT PROGRAMME	38

Annexure E		FEES	39

Annexure F		GSPL SUBSIDIARIES	42

1. PARTIES

1.1. Grindrod Limited (registration number: 1966/009846/06), a company duly incorporated and registered in accordance with the laws of South Africa (“GL”); and

1.2. Grindrod Shipping Holdings Pte. Ltd. (registration number: 201731497H), a private company duly incorporated and registered in accordance with the laws of Singapore, which it is contemplated will be converted into a public company, in accordance with the laws of the Singapore prior to the Commencement Date (“GRIN”).

2. DEFINITIONS

Unless the context indicates otherwise, the following words, terms or expressions shall have the meanings assigned to them hereunder in this Agreement and cognate expressions shall have corresponding meanings:

2.1. “Affiliate” means with respect to a corporate entity, any person that directly or indirectly Controls, or is Controlled by, or is under common Control with, that corporate entity;

2.2. “AFSA” means the Arbitration Foundation of Southern Africa;

2.3. “AFSA Rules” means the AFSA rules relating to expedited arbitrations;

2.4. “Aggrieved Party” has the meaning given to it in clause 19.1;

2.5. “Agreement” means this written services agreement and all annexures hereto;

2.6. “Arbitration Notice” has the meaning given to it in clause 22.1;

2.7. “Business Day” means a day which is not a Saturday, Sunday or an official public holiday in South Africa or Singapore;

2.8. “Commencement Date” means the date that the ordinary shares of GRIN are listed on the NASDAQ (primary listing) and the JSE (secondary listing);

2.9. “Company Secretarial Services” means the company secretarial services described in more detail in Annexure A;

2.10. “Confidential Information” means any and all Information of the Disclosing Party disclosed or made available to the Receiving Party, which, for the avoidance of doubt, shall exclude Information which:

2.10.1. is in the public domain at the time of disclosure;

2.10.2. after disclosure, becomes part of the public domain, otherwise than through a breach of this Agreement by the Receiving Party;

2.10.3. the Receiving Party can establish, by objectively verifiable evidence, was in its possession at any time prior to disclosure by the Disclosing Party (for purposes of clarity, whether such disclosure was before or after the Signature Date);

2.10.4. is required by the provisions of any law or during any court proceedings or arbitration proceedings to be disclosed, and the Receiving Party has taken all necessary steps to oppose, or prevent the disclosure of and to limit, as far as possible, the extent of such disclosure and has consulted with the Disclosing Party prior to making such disclosure;

2.10.5. is approved for release in writing by either Party,

the onus being on the Receiving Party to prove that any Information disclosed or made available by the Disclosing Party to the Receiving Party, or obtained by the Receiving Party from the Disclosing Party, falls to be excluded as contemplated in clauses 2.10.1 to 2.10.5;

2.11. “Control” means, with reference to any company, that a person (alone or in concert with others) directly or indirectly:

2.11.1. holds more than 50% (fifty percent) of the equity share capital of such company;

2.11.2. holds (or has or controls a right to control the exercise of) a majority of the voting rights in such company;

2.11.3. is a member of such company and has or controls the right to appoint or remove the majority of its board of directors; or

2.11.4. exercises a dominant influence over such company either by virtue of provisions contained in such company’s founding documents or by virtue of a contract conferring such right,

with “Controls” and “Controlled” having corresponding meanings;

2.12. “Default Interest Rate” means the prime rate of interest per annum publically quoted by The Standard Bank of South Africa Limited (or its successor) from time to time, compounded monthly in arrears. In the event of a dispute as to the prime rate, it shall be certified by any manager or assistant manager of any branch of The Standard Bank of South Africa Limited (or its successor), whose decision, in the absence of manifest error, shall be final and binding, and whose appointment and authority it shall not be necessary to prove;

2.13. “Defaulting Party” has the meaning given to it in clause 19.1;

2.14. “Disclosing Party” means a Party which discloses any Information to the other Party;

2.15. “Force Majeure Event” means an event:

2.15.1. which is beyond the reasonable control of the affected Party and for which it is not responsible; and

2.15.2. which the affected Party could not have avoided, by exercising a standard of care and skill which can reasonably be expected of that Party,

including but not limited to war (whether declared or not), revolution, invasion, insurrection, riots not instigated by any Party, civil commotion, mob violence, sabotage, blockade, embargo, boycott, the exercise of military or usurped power, acts of God, fire, explosion, theft, earthquake, storm, flood, drought, wind, lighting or other adverse weather condition, epidemic, quarantine, accident, breakdown of machinery or facilities, strike, lockout or labour dispute, acts or restraints of government imposition, or restrictions of or embargoes on imports or exports and power outages, provided that an inability to meet payment because of a lack of funds shall in no circumstances be treated as an force majeure event. It is recorded and agreed that a Force Majeure Event affecting any entity in the Grindrod Group to which GL subcontracted any of its obligations in terms of this Agreement, shall be regarded as a Force Majeure Event affecting GL;

2.16. “Grindrod Group” means GL and each of the companies in which GL, directly or indirectly, holds shares from time to time;

2.17. “GSPL” means Grindrod Shipping Pte. Ltd. (registration number: 200407212K), a company duly incorporated and registered in accordance with the laws of Singapore;

2.18. “GSPL Subsidiaries” means the companies in which GSPL, directly or indirectly, holds shares, as listed and on the basis set out in Annexure F;

2.19. “GSSA” means Grindrod Shipping (South Africa) Proprietary Limited (registration number: 1975/002219/07), a company duly incorporated and registered in accordance with the laws of the Republic of South Africa;

2.20. “GSSA Transitional Services Agreement” means the written transitional services agreement, between GL (as service provider) and GSSA, intended to be concluded on or about the Signature Date;

2.21. “IA” means internal audit;

2.22. “IA Services” means the IA services described in more detail in Annexure B;

2.23. “Information” means any and all data and information pertaining to this Agreement and/or in relation to the businesses of either Party or their respective Affiliates, whether of a historical, current or future nature irrespective of whether it is stored, recorded or embodied in handwritten, printed, visual, electronic, audible or any other format or medium, and belonging to and created by or for the benefit of either Party or their respective Affiliates, which information shall include but not be limited to trade secrets, know-how, trade connections, inventions, computer programmes, intellectual property rights and applications, technical data and product or process specifications, formulae, strategies, methods of conducting the business of either Party or their respective Affiliates, including but not limited to the development of marketing products, the protection of new products and the marketing thereof, brand plans and new product development, accounting policies and systems, costings, prices and profit margins, the identity of other contracting third parties and the type of contracts concluded with such third parties, and any other information designated by either Party as being confidential;

2.24. “IT” means information technology;

2.25. “IT Programme” has the meaning given to it in clause 9.2;

2.26. “IT Services” means the IT services described in more detail in Annexure C;

2.27. “JSE” means the securities exchange operated by JSE Limited;

2.28. “NASDAQ” means the NASDAQ Global Select Market;

2.29. “Offshore Shipping Group” means GRIN, GSPL and the GSPL Subsidiaries;

2.30. “Parties” means the parties to this Agreement, and “Party” means any one of them;

2.31. “Permitted Recipients” means:

2.31.1. with reference to GL, each of the entities in the Grindrod Group;

2.31.2. with reference to GRIN, each of the entities in the Offshore Shipping Group;

2.31.3. the directors, employees, professional advisors, financiers and consultants of each Party and of each of the entities referred to in clauses 2.31.1 and 2.31.2;

2.32. “Receiving Party” means the Party that receives any Information of the other Party;

2.33. “Services” means collectively the Company Secretarial Services, the IA Services, the IT Services and assistance with the implementation of the SOX Project;

2.34. “Signature Date” means the date of signature of this Agreement by the Party last signing;

2.35. “SOX Project” means the project to ensure that the Offshore Shipping Group is compliant with section 404a of the Sarbanes-Oxley Act by the end of the 2019 Year; and

2.36. “Year” means a 12 (twelve) month period running from each 1 January until the following 31 December (both days inclusive).

3. INTERPRETATION

Unless a contrary intention clearly appears:

3.1. the headings of the clauses in this Agreement are for the purpose of convenience and reference only and shall not be used in the interpretation of nor modify nor amplify the terms of this Agreement nor any clause hereof;

3.2. words importing:

3.2.1. any one gender include the other two genders;

3.2.2. the singular include the plural and vice versa; and

3.2.3. natural persons include created entities (corporate or unincorporate) and the state and vice versa;

3.3. any reference to an enactment is to that enactment as at the Signature Date and as amended or re-enacted from time to time and includes any subordinate legislation made from time to time under such enactment. Any reference to a particular section in an enactment is to that section as at the Signature Date, and as amended or re-enacted from time to time and/or an equivalent measure in an enactment, provided that if as a result of such amendment or re-enactment, the specific requirements of a section referred to in this Agreement are changed, the relevant provision of this Agreement shall be read also as if it had been amended as necessary, without the necessity for an actual amendment;

3.4. if any provision in a definition is a substantive provision conferring rights or imposing obligations on any Party, notwithstanding that it is only in clause 2, effect shall be given to it as if it were a substantive provision in the body of this Agreement;

3.5. when any number of days is prescribed in this Agreement, same shall be reckoned exclusively of the first and inclusively of the last day unless the last day falls on a non-Business Day, in which case the last day shall be the next succeeding Business Day;

3.6. if the due date for performance of any obligation in terms of this Agreement is a day which is a non-Business Day then (unless otherwise stipulated) the due date for performance of the relevant obligation shall be the immediately preceding Business Day;

3.7. if figures are referred to in numerals and in words and if there is any conflict between the two, the words shall prevail;

3.8. expressions defined in this Agreement shall bear the same meanings in schedules or annexures to this Agreement which do not themselves contain their own conflicting definitions;

3.9. annexures and schedules form part of this Agreement and shall have effect as if set out in full in the body of this Agreement and any reference to this Agreement includes the annexures and schedules;

3.10. reference to day/s, month/s or year/s shall be construed as Gregorian calendar day/s, month/s or year/s;

3.11. if any term is defined within the context of any particular clause in this Agreement, the term so defined, unless it is clear from the clause in question that the term so defined has limited application to the relevant clause, shall bear the meaning ascribed to it for all purposes in terms of this Agreement, notwithstanding that that term has not been defined in clause 2;

3.12. the rule of construction that a contract shall be interpreted against the Party responsible for the drafting or preparation of the contract, shall not apply to this Agreement;

3.13. prior drafts of this Agreement shall not be admissible in any proceedings as evidence of any matter relating to any negotiations preceding the Signature Date;

3.14. any reference in this Agreement to a Party shall include a reference to that Party’s assigns expressly permitted under this Agreement;

3.15. the words “include”, “including” and “in particular” shall be construed as being by way of example or emphasis only and shall not be construed as, nor shall they take effect as, limiting the generality of any preceding word/s;

3.16. any reference in this Agreement to any other agreement or document shall be construed as a reference to such other agreement or document as same may have been, or may from time to time be, amended, varied, novated or supplemented;

3.17. the words “other” and “otherwise” shall not be construed eiusdem generis with any preceding words if a wider construction is possible;

3.18. terms other than those defined within this Agreement shall be given their plain English meaning, and those terms, acronyms, and phrases known in general commercial or industry specific practice, shall be interpreted in accordance with their generally accepted meanings;

3.19. defined terms appearing in this Agreement in title case shall be given their meaning as defined, while the same terms appearing in lower case shall be interpreted in accordance with their plain English meaning;

3.20. no provision of this Agreement shall (unless otherwise stipulated) constitute a stipulation for the benefit of any person who is not a Party;

3.21. the words “clause” or “clauses” and “annexure” or “annexures” refer to clauses of and annexures to this Agreement;

3.22. a reference to any legal principle, doctrine or process under South African law includes a reference to the equivalent or analogous principle, doctrine or process in any other jurisdiction in which the provisions of this Agreement may apply or to the laws of which a Party may be or become subject; and

3.23. any reference in this Agreement to:

3.23.1. “business hours” shall be construed as being the hours between 08h00 and 16h30 on any Business Day. Any reference to time shall be based upon South African or Singaporean time, as applicable;

3.23.2. “days” shall be construed as calendar days unless qualified by the word “Business”;

3.23.3. “laws” means all constitutions, statutes, regulations, by-laws, codes, ordinances, decrees, rules, judicial, arbitral, administrative, ministerial, departmental or regulatory judgments, orders, decisions, rulings, or awards, policies, voluntary restraints, guidelines, directives, compliance notices, abatement notices, agreements with, requirements of, or instructions by any governmental body, and the common law, and “law” has a corresponding meaning; and

3.23.4. “person” means any natural person, company, close corporation, trust, partnership, joint venture, association, unincorporated association, governmental body, or other entity whether or not having separate legal personality.

4. INTRODUCTION

4.1. It is recorded and agreed that:

4.1.1. as at the Signature Date:

4.1.1.1. GSPL and the GSPL Subsidiaries form part of the Grindrod Group;

4.1.1.2. certain services are provided by other entities in the Grindrod Group, for the benefit of GSPL and the GSPL Subsidiaries;

4.1.2. with reference to the series of transaction known as “Project Dahl”, inter alia:

4.1.2.1. GL is to sell all of its shares in GSPL to GRIN;

4.1.2.2. GSPL and the GSPL Subsidiaries will cease to form part of the Grindrod Group; and

4.1.2.3. in order to facilitate a smooth transition in the above regard, it has been agreed that GL will provide the Services to GRIN, for the benefit of all the companies in the Offshore Shipping Group, on a transitional basis and on the terms set out in this Agreement.

4.2. The Parties conclude this Agreement, to set out the terms on which GL will provide the Services to GRIN, for the benefit of all the companies in the Offshore Shipping Group, on a transitional basis.

5. APPOINTMENT

5.1. GRIN hereby appoints GL as an independent contractor to provide the Services to GRIN, for the benefit of all the companies in the Offshore Shipping Group, in accordance with the terms of this Agreement, and GL hereby accepts such appointment.

5.2. GL shall procure that the appropriate entities in the Grindrod Group provide the Services to GRIN, for the benefit of all the companies in the Offshore Shipping Group, and to that end, GL is entitled to subcontract any of its obligations in terms of this Agreement to any other entity in the Grindrod Group, without the consent of GRIN, but shall always remain fully responsible for the performance of the subcontractor and the due fulfilment of GL’s obligations under this Agreement .

6. DURATION

6.1. This Agreement shall commence on the Commencement Date and, subject to any early termination in accordance with any other provisions of this Agreement, shall terminate on 31 December 2019.

6.2. GRIN shall be entitled to:

6.2.1. terminate this entire Agreement; or

6.2.2. cancel any one of the Services (for the avoidance of doubt it is recorded that in such circumstances this Agreement shall continue in respect of the Services not cancelled),

at any time by giving GL 2 (two) months’ written notice, provided that the end of such notice period must coincide with the end of a calendar month.

7. THE SERVICES

7.1. GL shall procure that the Services are provided to GRIN, for the benefit of all the companies in the Offshore Shipping Group, in accordance with the terms and conditions of this Agreement and to a reasonable professional standard.

7.2. Notwithstanding anything to the contrary contained in this Agreement, no entity in the Grindrod Group shall be obliged to comply with a directive of GRIN, any other entity in the Offshore Shipping Group or any person acting on their behalf, if such directive would not reasonably be given to and observed by a reasonable independent contractor rendering the Services.

8. IA SERVICES AND SOX PROJECT

8.1. It is intended that, subject to clause 6.1, the IA Services shall be provided to GRIN, for the benefit of for the benefit of all the companies in the Offshore Shipping Group, until the SOX Project has been fully implemented.

8.2. GL shall provide reasonable assistance and resources to GRIN, to enable GRIN to implement the SOX Project.

9. IT SERVICES

9.1. It is intended that:

9.1.1. the IT Services shall be provided until 30 June 2019; and

9.1.2. the Grindrod Group shall assist GRIN to transfer the IT Services to GRIN, or its nominated third party service provider, by that date.

9.2. The IT Services shall be transferred in accordance with the programme attached hereto as Annexure D (“IT Programme”). The IT Programme is to be read with the corresponding programme forming Annexure D to the GSSA Transitional Services Agreement in that they represent a consolidated transfer process.

9.3. The IT Programme sets out which Party is responsible for which action, and by the end of which month the action should be achieved.

9.4. Any reference in the IT Programme to GRINDROD IT shall be regarded as a reference to GL and any reference to SHIPPING shall be regarded as a reference to GRIN or GSSA, as applicable in the context.

10. FEES AND PAYMENT

10.1. In consideration for the provision of the Services as contemplated in this Agreement, GRIN shall pay fees to GL, in the amounts (along with value-added tax thereon) and, subject to clause 10.2 on the basis set out in, Annexure E.

10.2. In each case where it is specified in Annexure E that a fee is payable:

10.2.1. monthly in arrears, GL shall be entitled to invoice GRIN for such fee (along with value-added tax thereon) at any time following the end of each applicable month; or

10.2.2. in arrears following the end of any other specified period, GL shall be entitled to invoice GRIN for such fee (along with value-added tax thereon) at any time following the end of such period,

with GRIN being obliged to make payment of each such invoice within 30 (thirty) days of delivery thereof.

10.3. All payments to be made by GRIN to GL in terms of this Agreement shall be made by means of electronic funds transfer directly into a bank account nominated by GL in writing, without any deduction or set-off.

10.4. If any payment to be made in terms of this Agreement is not made on the due date thereof then, such overdue amounts will bear interest at the Default Interest Rate, from the due date for payment to the date of actual payment, both dates inclusive.

11. LIMITATION OF LIABILITY

11.1. The total liability of GL in respect of claims arising in terms of or in connection with this Agreement (whether arising from negligence, breach of contract or otherwise) shall be limited to an aggregate amount of R12 500 000 (twelve million five hundred thousand Rand).

11.2. Notwithstanding clause 11.1, GL shall not have any liability whatsoever for claims arising from:

11.2.1. an act or omission of GRIN, any other company in the Offshore Shipping Group or any person acting on their behalf;

11.2.2. any entity in the Grindrod Group complying with the instructions given by or on behalf of GRIN and/or any entity in the Offshore Shipping Group; and/or

11.2.3. an act or order of any legal authority, save where such act or order arises from or is due to the negligence of or a wrongful act or omission by any entity in the Grindrod Group in relation to the performance of the Services,

provided that this clause 11.2 shall not operate to exclude GL’s liability for any contributory negligence.

11.3. In no event shall:

11.3.1. GL be liable to GRIN and/or any entity in the Offshore Shipping Group for indirect or consequential loss or damage, loss of profits, business, revenue, goodwill or anticipated savings suffered by any of them and arising in terms of this Agreement; and

11.3.2. GRIN or any entity in the Offshore Shipping Group be liable to any entity in the Grindrod Group for indirect or consequential loss or damage, loss of profits, business, revenue, goodwill or anticipated savings suffered by any of them and arising in terms of this Agreement.

11.4. Notwithstanding anything to the contrary in this Agreement:

11.4.1. neither GRIN nor any entity in the Offshore Shipping Group shall have any claim against any entity in the Grindrod Group, apart from GL, arising in terms of this Agreement; and

11.4.2. no entity in the Offshore Shipping Group, other than GRIN, shall bring any claim against GL, in connection with this Agreement and/or the provision of the Services.

11.5. GRIN shall ensure that all other companies in the Offshore Shipping Group comply and act in accordance with the provisions of this clause 11.

12. OFFSHORE SHIPPING GROUP ASSISTANCE

GRIN shall, and shall procure that all other entities in the Offshore Shipping Group shall each, promptly provide all information, documentation and assistance reasonably required by GL or any other entity in the Grindrod Group in order to facilitate the effective provision of the Services as contemplated in this Agreement.

13. NON-SOLICITATION

GRIN shall not, and shall procure that none of the entities in the Offshore Shipping Group shall, for the duration of this Agreement and for a period of 24 (twenty four) months thereafter, without GL’s prior written consent and either for itself or as the agent of anyone else, persuade, induce, solicit,

encourage or procure any employee of GL and/or of any entity in the Grindrod Group, to leave the employ of GL and/or any entity in the Grindrod Group, as applicable.

14. BENEFIT OF CERTAIN PROVISIONS

The provisions of clauses 11, 12 and 13, as well as all other clauses required and/or desirable to give full effect to clauses 11, 12 and 13, constitute irrevocable stipulatio alteri in favour of each entity in the Grindrod Group, capable of acceptance at any time on written notice to the Parties.

15. FORCE MAJEURE

15.1. In the event that any Party is delayed in performing any of its respective obligations in this Agreement due to a Force Majeure Event, the Party so affected shall be relieved of performance of its obligations hereunder during the period that such Force Majeure Event and its consequences continue but only to the extent so prevented and shall not be liable for any delay or failure in the performance of any obligations hereunder or any loss or damages including either general, special or consequential loss or damage which the other Party may suffer due to or resulting from such delay or failure, provided always that written notice shall, within 48 (forty-eight) hours of the occurrence constituting the Force Majeure Event, be given of any such inability to perform by the affected Party and provided further that the obligation to give such notice shall be suspended to the extent necessitated by such Force Majeure Event.

15.2. In the event that any delay due to the Force Majeure Event occurs or is anticipated, the Party delayed or anticipating delays, shall take all reasonable steps to mitigate the consequences of such Force Majeure Event and shall resume performance of its obligations affected by the Force Majeure Event as soon as practicable.

15.3. If the circumstances constituting the Force Majeure Event continue for more than 60 (sixty) consecutive days, then either Party shall be entitled to terminate this Agreement on written notice to the other Party, provided that such notice must coincide with the end of a calendar month.

16. CONFIDENTIALITY

16.1. All Confidential Information disclosed by a Disclosing Party pursuant to this Agreement, whether before or after the Signature Date, shall be disclosed the sole purpose of enabling the Receiving Party to perform its obligations in terms of this Agreement.

16.2. The obligations of each Receiving Party with respect to Confidential Information shall subsist for the duration of this Agreement and for a period of 24 (twenty four) months following its termination. The provisions of this clause 16 are severable from the rest of this Agreement and shall remain in effect despite the termination or invalidity of this Agreement for any reason.

16.3. Each Disclosing Party shall retain ownership of all Confidential Information disclosed by it, and each Receiving Party acknowledges it shall not acquire any rights in respect of any such Confidential Information. Nothing contained in this Agreement is intended to grant, expressly or impliedly, any right or licence to any permit, patent, trademark, copyright, trade secret and/or any other item of real or intellectual property which a Disclosing Party may possess.

16.4. Each Receiving Party:

16.4.1. shall not use any of the Confidential Information of a Disclosing Party for such Receiving Party’s own purposes or for any purpose other than that for which such Confidential Information was disclosed in terms of this Agreement, unless authorised by such Disclosing Party in writing to do so;

16.4.2. shall not disclose any of the Confidential Information to any person other than a Permitted Recipient, unless authorised by the Disclosing Party to do so, and provided that such permission shall be valid:

16.4.2.1. only if given in writing;

16.4.2.2. for disclosure only to the third party identified in the written authorisation; and

16.4.2.3. for that specific instance of disclosure only,

and this clause 16 shall apply as if such person were a Permitted Recipient;

16.4.3. shall take all necessary steps and measures in order to prevent the disclosure of any Confidential Information to unauthorised persons, and to ensure proper and secure storage of Confidential Information;

16.4.4. may disclose the Confidential Information of a Disclosing Party in order to comply with any law, provided that the Receiving Party:

16.4.4.1. limits the disclosure only to that which is necessary to comply with the law;

16.4.4.2. advises the Disclosing Party in writing as soon as reasonably possible, and before the intended disclosure specifying:

16.4.4.2.1. the Confidential Information subject to disclosure;

16.4.4.2.2. the reasons for the disclosure;

16.4.4.2.3. the requirements under the direction of which the disclosure is or shall be made; and

16.4.4.2.4. where applicable, the identity of any third party requiring disclosure; and

16.4.4.3. shall provide the Disclosing Party with all reasonable co-operation at the cost of the Disclosing Party in any steps taken by the Disclosing Party to limit or prevent the disclosure.

16.5. Any disclosure by a Permitted Recipient of the Confidential Information contrary to this Agreement shall constitute an unauthorised disclosure by the relevant Receiving Party.

16.6. Each Receiving Party shall treat all Confidential Information as confidential, and shall handle such Confidential Information with the same degree of care it uses with respect to its own Confidential Information, but in no event with less than a reasonable degree of care.

16.7. In the event that the Receiving Party becomes aware that the Disclosing Party’s Confidential Information has been disclosed by it or its Permitted Recipients contrary to the terms of this Agreement, the Receiving Party shall forthwith:

16.7.1. inform such Disclosing Party in writing specifying what Confidential Information has been disclosed, how and to whom it has or may have been disclosed, when the unauthorised disclosure took place and what steps shall be taken to retrieve the Confidential Information and prevent future unauthorised disclosures;

16.7.2. take such steps as are necessary or as such Disclosing Party directs to retrieve the Confidential Information from unauthorised persons and to prevent further unauthorised disclosure of the Confidential Information; and

16.7.3. co-operate with such Disclosing Party in taking any steps to retrieve the Confidential Information from unauthorised persons and to prevent further disclosure of the Confidential Information.

16.8. Clause 16.7 is without prejudice to any rights of each Disclosing Party arising from the unauthorised disclosure of its Confidential Information.

16.9. Upon the written request of a Disclosing Party, the Receiving Party shall promptly return, destroy or expunge from any storage device all Confidential Information in its possession and confirm such destruction in writing to such Disclosing Party, provided that if required by law, the Receiving Party may retain 1 (one) copy of the Confidential Information for the period so required.

16.10. Where a Disclosing Party has required destruction of the Confidential Information and the media containing the Confidential Information, the Receiving Party shall, on request, confirm in writing that it has destroyed all Confidential Information and made reasonable efforts to

expunge the Confidential Information stored electronically from any storage device on which it was held.

16.11. All requests in terms of clauses 16.9 and 16.10, shall be complied with within 5 (five) Business Days.

16.12. Each Receiving Party hereby indemnifies each Disclosing Party against any loss, cost, damages, expense or liability arising from, or in connection with, the disclosure or use of any Confidential Information contrary to this Agreement by such Receiving Party, or Permitted Recipients or third parties to which such Receiving Party has directly or indirectly made disclosure.

17. NATURE OF THIS AGREEMENT

This Agreement constitutes the appointment by GRIN of GL as an independent contractor. Nothing in this Agreement or in the conduct of the Parties in relation to the performance of any obligations in terms of this Agreement shall be deemed or construed as creating a relationship of employment, principal and agent, partnership or joint venture between them.

18. RECIPROCAL WARRANTIES

18.1. The Parties warrant and represent to each other that they have taken or caused to be taken all steps, actions and corporate proceedings necessary to cause this Agreement to be binding on themselves. Any Party shall, if requested by the other Party, furnish to the latter sufficient evidence of the authority of the person or persons who shall, on behalf of the Party so requested, take any action or execute any documents required or permitted to be taken or executed by such person under this Agreement.

18.2. Each Party hereby warrants and represents to and in favour of the other Party that:

18.2.1. it has the legal capacity and has taken all necessary corporate action required to empower and authorise it to enter into this Agreement;

18.2.2. this Agreement constitutes an agreement valid and binding on it and enforceable against it in accordance with its terms;

18.2.3. it is fully aware of and acquainted with the provisions of this Agreement and the meaning and effect of all of such provisions; and

18.2.4. the execution of this Agreement and the performance of its obligations hereunder does not and shall not:

18.2.4.1. contravene any law or regulation to which that Party is subject;

18.2.4.2. contravene any provision of that Party’s constitutional documents; or

18.2.4.3. conflict with, or constitute a breach of any of the provisions of any other agreement, obligation, restriction or undertaking which is binding on it.

18.3. Each of the representations and warranties given by the Parties in terms of this clause 18, shall:

18.3.1. be a separate warranty and shall in no way be limited or restricted by inference from the terms of any other warranty or by any other words in this Agreement;

18.3.2. continue and remain in force notwithstanding the completion of any or all of the transactions contemplated in this Agreement; and

18.3.3. prima facie be deemed to be material and to be a material representation inducing the other Party to enter into this Agreement.

19. BREACH

19.1. If a Party commits any breach of this Agreement (“Defaulting Party”) and fails to remedy such breach within 15 (fifteen) Business Days (“Notice Period”) of written notice requiring the breach to be remedied, then the Party giving the notice (“Aggrieved Party”) shall be entitled, at its option:

19.1.1. to claim immediate specific performance from the Defaulting Party, with or without claiming damages; or

19.1.2. to cancel this Agreement, with or without claiming damages, in which case written notice of the cancellation shall be given to the Defaulting Party, and the cancellation shall take effect on the giving of the notice. No Party shall be entitled to cancel this Agreement unless the breach is a material breach (for purposes of clarity, without any limitation on clause 6.2). A breach shall be deemed to be a material breach if:

19.1.2.1. it is capable of being remedied, but is not so remedied within the Notice Period; or

19.1.2.2. it is incapable of being remedied and if payment in money shall compensate for such breach but such payment is not made within the Notice Period.

19.2. Each Aggrieved Party’s remedies in terms of this clause 19 are without prejudice to any other remedies to which such Aggrieved Party may be entitled in law.

20. NOTICES

20.1. The Parties respectively choose the following addresses, at which all processes and notices arising out of or in connection with this Agreement, its breach or termination may validly be served on or delivered to the Parties:

20.1.1.	GL:

	Physical address:	2nd Floor, Grindrod Mews, 106 Margaret Mncadi Avenue, Durban, 4001

	E-mail address:	groupsecretarial@grindrod.com

	Attention:	Andrew Waller

20.1.2.	GRIN:

	Physical address:	#03-01 Southpoint, 200 Cantonment Road, Singapore, 089763;

	E-mail address:	YvetteB@grindrod.com

	Attention:	Yvette Kingsley-Wilkins

20.2. All processes and notices in terms of this Agreement, shall be delivered by hand or e-mail to the addresses listed in clause 20.1.

20.3. A Party may change any of its addresses listed in clause 20.1 to any other address. Such change shall only take effect upon receipt or deemed receipt of such notice by the other Party.

20.4. Any notice given in terms of this Agreement shall be in writing and shall if:

20.4.1. delivered by hand during business hours to a person apparently in charge of the premises selected by the addressee for delivery of notices, be deemed to have been duly received by the addressee on the date of delivery; or

20.4.2. transmitted by e-mail, be deemed to have been received by the addressee on the day following the date of transmission.

20.5. Notwithstanding anything to the contrary contained or implied in this Agreement, a written notice or communication actually received by a Party, shall be adequate written notice or communication to such Party even if it has not been sent in the manner provided for, or to the addresses listed, in this clause 20.

21. APPLICABLE LAW

Notwithstanding the conflict of law principles which might otherwise have applied, this Agreement shall be governed by and interpreted in accordance with the substantive laws of South Africa.

22. DISPUTE RESOLUTION

22.1. If any dispute arises between the Parties in relation to any matter pertaining to, or arising out of this Agreement, its breach or termination, then any Party may give written notice to the other Party referring the dispute to arbitration in accordance with the provisions of this clause 22 (“Arbitration Notice”).

22.2. The arbitration shall be:

22.2.1. held at Durban, South Africa;

22.2.2. conducted in the English language;

22.2.3. held before a single arbitrator;

22.2.4. subject to the provisions of this clause 22, conducted in accordance with the AFSA Rules; and

22.2.5. held as soon as is reasonably practicable in the circumstances and with a view to it being completed within 30 (thirty) Business Days of the date of the Arbitration Notice.

22.3. The arbitrator shall be a retired judge of the High Court of South Africa or a practicing senior advocate of at least 10 (ten) years standing as such, agreed upon between the Parties, provided that should the Parties fail to agree on an arbitrator within 3 (three) Business Days of the date of the Arbitration Notice, the arbitrator shall, at the written request of any Party, be appointed by the President for the time being of AFSA or its successor.

22.4. The arbitrator shall determine which Party shall pay the costs of and incidental to the arbitration or, if more than one Party is to contribute, the ratio of their respective contributions, and the scale on which such costs are to be paid.

22.5. Subject to each Party’s rights of appeal in accordance with the AFSA Rules, the Parties irrevocably agree that the decision of the arbitrator shall be final and binding on them, shall be carried into effect, and shall be capable of being made an order of any court of competent jurisdiction.

22.6. The provisions of this clause 22:

22.6.1. constitute irrevocable consent by the Parties to any proceedings in terms of this clause 22 and no Party shall be entitled to withdraw therefrom or claim at any such proceedings that it is not bound by such provisions;

22.6.2. are severable from the rest of this Agreement and shall remain in effect despite the termination, or invalidity for any reason, of this Agreement; and

22.6.3. shall not preclude any Party from obtaining interim relief on an urgent basis from any court of competent jurisdiction pending the decision of the arbitrator.

23. JURISDICTION

23.1. Subject to clause 22, the Parties agree that any legal action or proceedings arising out of or in connection with this Agreement may be brought in the KwaZulu-Natal High Court, Durban and irrevocably submit to the non-exclusive jurisdiction of such court.

23.2. The Parties irrevocably waive any objection they may now or hereafter have that such action or proceeding has been brought in an inconvenient forum.

24. CO-OPERATION AND GOOD FAITH

24.1. The Parties shall co-operate with each other and do all such things as may be reasonably required of them in order to facilitate the implementation of this Agreement in accordance with its terms and objectives.

24.2. The Parties shall display good faith in their dealings with each other.

25. CESSION AND DELEGATION

25.1. GL shall be entitled to cede any of its rights and/or delegate any of its obligations under this Agreement to any other entity within the Grindrod Group, without the consent of GRIN save that GL shall always remain fully responsible for the performance of the subcontractor and the due fulfilment of GL’s obligations under this Agreement.

25.2. GRIN shall be entitled to cede any of its rights and/or delegate any of its obligations under this Agreement to any other entity within the Offshore Shipping Group, without the consent of GL.

25.3. Subject to clauses 25.1 and 25.2, no Party shall be entitled to cede any of its rights and/or delegate any of its obligations under this Agreement to any other party without the prior written consent of the other Party.

26. WHOLE AGREEMENT, NO AMENDMENT

26.1. This Agreement constitutes the whole agreement between the Parties relating to the subject matter hereof and supersedes any other discussions, agreements and/or understandings regarding the subject matter hereof.

26.2. No amendment or consensual cancellation of this Agreement or any provision or term hereof or of any agreement or other document issued or executed pursuant to or in terms of this

Agreement and no settlement of any disputes arising under this Agreement and no extension of time, waiver or relaxation or suspension of or agreement not to enforce or to suspend or postpone the enforcement of any of the provisions or terms of this Agreement or of any agreement, bill of exchange or other document issued pursuant to or in terms of this Agreement shall be binding unless recorded in a written document signed by the Parties (or in the case of an extension of time, waiver or relaxation or suspension, signed by the Party granting such extension, waiver or relaxation). Any such extension, waiver or relaxation or suspension which is so given or made shall be strictly construed as relating strictly to the matter in respect whereof it was made or given.

26.3. No extension of time or waiver or relaxation of any of the provisions or terms of this Agreement or any agreement or other document issued or executed pursuant to or in terms of this Agreement, shall operate as an estoppel against any Party in respect of its rights under this Agreement, nor shall it operate so as to preclude such Party (save as to any extension, waiver or relaxation actually given) thereafter from exercising its rights strictly in accordance with this Agreement.

27. SEVERABILITY

Any provision in this Agreement which is or may become illegal, invalid or unenforceable in any jurisdiction affected by this Agreement shall, as to such jurisdiction, be ineffective to the extent of such prohibition or unenforceability and shall be treated pro non scripto and severed from the balance of this Agreement, without invalidating the remaining provisions of this Agreement or affecting the validity or enforceability of such provision in any other jurisdiction.

28. INDEPENDENT ADVICE

Each Party acknowledges that it has been free to secure independent legal and/or other advice as to the nature and effect of all of the provisions of this Agreement and that it has either taken such independent legal and/or other advice or dispensed with the necessity of doing so.

29. GENERAL

29.1. Agreement Binding on Successors in Title

This Agreement shall be binding on the administrators, trustees, business rescue practitioners, liquidators and other successors-in-title of the Parties, who shall not be entitled to terminate this Agreement merely by reason of a Party being placed in business rescue or liquidation. Each Party indemnifies the other against any loss or damage of any nature whatsoever which any other Party may sustain if this Agreement is not binding for any reason on the former’s administrators, trustees, business rescue practitioners, liquidators and/or other successors-in-title.

29.2. Exclusion of Electronic Signature

The reference in this Agreement to “writing” shall, notwithstanding anything to the contrary in this Agreement, be read and construed as excluding any form of electronic signature.

29.3. Continuing Effectiveness of Certain Provisions

The expiration or termination of this Agreement shall not affect such of the provisions of this Agreement as expressly provided that they shall operate after any such expiration or termination or which of necessity must continue to have effect after such expiration or termination, notwithstanding that the clauses themselves do not expressly provide for this.

30. COSTS AND TAXES

30.1. Each Party shall bear its own costs incidental to the preparation of this Agreement (including prior drafts and consultations).

30.2. If any Party instructs an attorney to enforce any of its rights in terms of this Agreement, then it shall be entitled to claim and recover the legal costs incurred by it (on an attorney and own client basis) whether or not such costs are incurred in legal proceedings.

31. SIGNATURE

31.1. This Agreement is signed by the Parties on the dates and at the places indicated below.

31.2. This Agreement may be executed in counterparts, each of which shall be deemed an original, and all of which together shall constitute one and the same Agreement as at the date of signature of the Party last signing one of the counterparts.

31.3. The persons signing this Agreement in a representative capacity warrant their authority to do so.

31.4. The Parties record that it is not required for this Agreement to be valid and enforceable that a Party shall initial the pages of this Agreement and/or have its signature of this Agreement verified by a witness.

[SIGNATURE PAGE TO FOLLOW]

For:	GL



Signature:	/s/ Andrew Geard Waller
	who warrants that he / she is duly authorised thereto

Name:	ANDREW GEARD WALLER
Date:	2018-04-24
Place:	Durban


Signature of Witness:	/s/ Gerda Quintal


Name of Witness:	Gerda Quintal



For:	GRIN



Signature:	/s/ Martyn Richard Wade
	who warrants that he / she is duly authorised thereto

Name:	Martyn Richard Wade
Date:	24 April 2018
Place:	Singapore


Signature of Witness:	/s/ Deborah Ann King


Name of Witness:	Deborah Ann King

Annexure A COMPANY SECRETARIAL SERVICES

1. Such company secretarial services as may be required by GRIN until such time as a company secretary has been appointed by GRIN:

1.1. Engaging and liaising with Yvette Kingsley-Wilkins in Singapore relating to general secretarial and administrative matters, including but not limited to matters that require filing with ACRA.

1.2. All remaining governance and secretarial work relating to the spin-off transaction and dual listing not required at the date of listing.

1.3. Drafting of, or assisting with the drafting of the Code of Ethics and all other corporate governance policies and procedures.

1.4. Establishing a policy management process and procedure.

1.5. Establishing an ethics (including conflict of interest, anti-trust, gifts, etc.) management system.

1.6. Establishing a company secretarial system and process for a dual listed company, incorporated in a different jurisdiction – i.e. dealing with three jurisdictions.

1.7. Planning, developing and engaging with relevant service providers for the preparation of a directors’ induction pack and initial directors’ induction.

1.8. Establishing a process and system for the continual training and development of directors, including legislative and governance updates.

1.9. Assisting with (to the extent required) directors’ induction and continual training, which may include senior management.

1.10. Planning, preparing and circulating board and board committee meeting packs.

1.11. Attending board and board committees (whether in person or via electronic communication).

1.12. Drafting, circulating and finalising board and board committee meeting minutes and maintenance of minute books.

1.13. Maintaining register of board and board committee resolutions.

1.14. Preparation and convening of Annual General Meeting and other General Meetings as may be required.

1.15. Preparation and maintenance of minutes of shareholder meetings.

1.16. Drafting and circulating round robin resolutions for the board and/or board committees and maintaining register of round robin resolutions.

1.17. Engaging and liaising with the NASDAQ, JSE, service providers such as financial printers, transfer agents, transfer secretaries, US, SA and Singapore counsel in connection with the implementation of the provisions of the listings requirements as may be required.

Annexure B IA SERVICES

Combined Assurance Framework

Assessment of Risk Management

2019 IA Assignments: an estimated 12- 15 assignments including the following (in each case, if required):

· Crewing - Payroll Controls review (including time and attendance)

· Sustainability Data Review

· Travel and Expenditure Review

· Cyber Security Review

· IT Governance Review

· Human Resources Review (Movers, Leaver and Joiners Review)

· Cash to Master Expenditure review

· Claim Process (Supplier and Customer)

· Planned Maintenance and breakdown review

· Expatriate expenditure and compliance review.

· IT Assets (Hardware/Software) Management review

· IT (Innovation/Green IT)

28 Annexure C IT SERVICES provider(s) to confirm implementation approach for client’s consideration in giving final Service Offering Service Deliverable DDKZN MSC DDWP Grindrod Comments Managed SCOM Monitoring 1. 24x7x365 proactive monitoring A R 2. Configure standard set of identified events, thresholds and alerting criteria. Ensure events and alerts are automatically generated, displayed on monitoring console and notified to the appropriate personnel according to the pre-defined business rules A R Inclusion of new alerting rules 3. Respond to and diagnose the identified SNMP traps, syslog and threshold breach alerts. A R 4. Follow pre-defined work instructions including notification and escalation procedures A R 5. Access Management I C A 6. Management of all administrative account access to the network devices A R 7. Monthly review and audit of account usage. A R 8. Termination of inactive accounts in line with the client’s Information Security Management Policy A R 9. Monthly Inactive Accounts Report A R Health Checks 1. Daily A R a. Management pack tuning (through feedback from system owners) A R C b. Agent State Verification A R c. Scheduled Task: Close Rule Alerts Older Than 24 Hours A R d. Verify Daily Health Check Output A R 2. Weekly A R a. Scheduled Task: Reset Monitor State for Manually Closed / Failed Monitors A R b. Scheduled Task: Clear Management Server Cache A R c. Review Operations Manager Alert Grooming (Scoped to Management Servers Only) A R 3. Monthly A R a. Backup Verification (Unsealed Management Packs; Databases) A R House Keeping 1. Remediate broken clients A R 2. Remediation of SCOM infrastructure problems identified A R Capacity Management and Performance Tuning 1. Capture and analyse operating system capacity data e.g. Average Resource Utilisation and Peak Resource Utilisation for CPU, RAM, I/O, file systems on monthly basis A R 2. Analysis of operating system resource utilisation to identify performance bottlenecks within the operating system instance A R 3. Where applicable, analyse OS performance data with the physical server performance data to identify bottleneck issues within the physical infrastructure A R 4. Identify actions which may improve the interaction between server hardware and operating system through configuration changes e.g. A R 5. Windows OS - network adapter settings, TCP / IP parameters, system parameters, paging, I/O, logical volume configurations, workload balancing A R 6. Translate utilisation statistical trends and analysis into a Quarterly Capacity and Performance Analysis and Recommendation Report A R Change Management and Implementation 1. Coordinate Change Management Process end-to-end for configuration changes A R Change Management Records System to be included 2. Coordinate with the client’s Change Management team to ensure appropriate approval and scheduling of configuration changes are in place A R 3. Assist in the client’s business impact assessment of the change by performing a technical impact assessment, to be taken into account during change approval A R 4. Develop Change Implementation Plan, Back-Out Plan and Post Implementation Test Plan A R 5. Review Change Implementation Plan with the client’s support and maintenance authorization to proceed with the configuration change A R 6. Implement configuration changes using Change Implementation Plan on behalf of clients following the Change Management Process 7. Perform Post Implementation Test upon configuration changes A R 8. Notify the client of the completion of the Change Implementation A R 9. Activate Back-Out Plan in the event of unsuccessful configuration changes A R 10. Log, track and report configuration changes made A R 11. Change Request is capped at 1 per server per quarter, unless additional changes are purchased A R Patch Management 1. Identify the required SCOM service packs/ patches, security fixes and updates A R 2. Create Patch Management Plan for review and agreement with the client A R 3. Test patches on client environments – where no test environments are available, review of patching procedures with vendors A R 4. Deploy patches following Change Management A R 5. Verify system functionality upon patches deployment and observe for 2 weeks. A R Reporting 1. Monthly, Automated Availability Report A R Reporting Requirements to be defined as part of transition 2. Monthly, Automated Capacity Utilisation Report A R 3. Quarterly, Capacity and Performance Analysis and Recommendation Report A R

29 provider(s) to confirm implementation approach for client’s consideration in giving final user session, web page responsiveness, audio and video playback, flash animations, Managed VMWare Monitoring 1. 24x7x365 proactive monitoring A R 2. Configure standard set of identified events, thresholds and alerting criteria. Ensure events and alerts are automatically generated, displayed on monitoring console and notified to the appropriate personnel according to the pre-defined business rules A R 3. Respond to and diagnose the identified SNMP traps, syslog and threshold breach alerts. A R 4. Follow pre-defined work instructions including notification and escalation procedures A R 5. Access Management A R 6. Management of all administrative account access to the network devices A R 7. Monthly review and audit of account usage. A R 8. Termination of inactive accounts in line with the client’s Information Security Management Policy A R 9. Monthly Inactive Accounts Report A R Health Checks 1. Weekly check on the following components and perform remedial actions as required to ensure the desktop virtualization infrastructure remains stable, e.g.: A R a. Alarm status – all levels including data centre, cluster, host and virtual desktops A R b. Host and virtual desktop performance – memory, CPU and virtual disk space to establish performance baseline A R 2. Weekly review of event logs for adverse trends or abnormal messages A R 3. Weekly check of virtualization services, e.g.: A R a. VMware A R i. VMware Management Agent (mgmt-vmware) A R ii. VMware Virtual Center Agent (vmware-vpxa) A R iii. VMware Web Access (vmware-webAccess) A R iv. VMware License Server A R b. SQL Service A R c. Microsoft Hyper-V Service A R d. Remote Desktop Service e. Microsoft Terminal Service A R 4. Any client-specific checks agreed and documented during the Service Transition A R House Keeping 1. Rotation of system logs, message logs generated by server virtualization platform A R 2. Maintenance of system start-up and shutdown scripts of server virtualization platform A R 3. Review monitored threshold for appropriateness and accuracy. Adjust threshold settings upon approval A R 4. VM Snapshots – compress, archive, to ensure available disk space is at a healthy level A R 5. Removal of temporary files A R Scheduled Work* 1. VM snapshots A R 2. Moving virtual machines between hosts for maintenance or workload balancing A R 3. Create, add, modify or remove Datacenter’s, Hosts, Clusters, Resource Pools, Datastores, Templates A R 4. Manage settings e.g. runtime, active directory, mail sender, SNMP, ports, timeouts, logging options, database retention policy, SSL following Change Management. A R Change Management and Implementation 1. Coordinate Change Management Process end-to-end for configuration changes A R 2. Coordinate with the client’s Change Management team to ensure appropriate approval and scheduling of configuration changes are in place A R 3. Assist in the client’s business impact assessment of the change by performing a technical impact assessment, to be taken into account during change approval A R 4. Develop Change Implementation Plan, Back-Out Plan and Post Implementation Test Plan A R 5. Review Change Implementation Plan with the client’s support and maintenance authorization to proceed with the configuration change A R 6. Implement configuration changes using Change Implementation Plan on behalf of clients following the Change Management Process A R 7. Perform Post Implementation Test upon configuration changes A R 8. Notify the client of the completion of the Change Implementation A R 9. Activate Back-Out Plan in the event of unsuccessful configuration changes A R 10. Log, track and report configuration changes made A R 11. Change Requests are capped at 20% of total number of virtual systems per month A R Configuration Management 1. Log and track desktop virtualization platform and configurations in Configuration Management Database (CMDB), e.g. asset inventory data, associated location, IP address, support and maintenance contract details A R 2. Update and maintain records of desktop virtualization platform configuration upon execution of changes A R Capacity Management 1. Capture and analyse workloads associated with desktop virtualization platform, resource pools and storage repositories on a monthly basis A R 2. Perform Quarterly Review of compute resources and storage capacity to identify increases in resource utilisation and capture requirements where new versions of applications require additional compute resources A R 3. Translate utilisation statistical trends and analysis into a Quarterly Capacity and Performance Analysis and Recommendation Report A R Performance Tuning 1. Analyse, together with the operating system performance report, to identify bottleneck issues within the virtualised infrastructure platform A R 2. Identify areas which may improve/ optimize the user experience, e.g. optimization of throughput and display of image files, keyboard and mouse responsiveness A R 3. Provide tuning recommendation and review with client. A R Patch Management 1. Identify and evaluate required updates for client OS, e.g. desktop virtualization software updates and patches on quarterly basis A R Version Upgrade Advisory Process 2. Work with respective vendor / vendor websites for patch availability on a monthly basis A R 3. Create Patch Management Plans for review and agreement with the client. A R 4. Test patches on client environments – where no test environments are available, review of patching procedures with vendors. A R 5. Deploy patches following Change Management process. A R 6. Verify functionality and provide post deployment support; observe for two weeks A R Access Management 1. Manage all administrative access to the server virtualisation platform e.g. pool administrators, pool operators, VM administrators A R 2. Termination of inactive/ expired accounts A R 3. Monthly Inactive/Expired Accounts Report A R Procedural Documentation 1. Maintain work instructions for network health checks, housekeeping procedures, custom monitoring parameters and provisioning procedures A R Creation of a restricted access client portal (document repo) 2. Maintenance of network and network security configurations details including network settings, network routes, firewall rules 3. Maintain functional and hierarchical escalation procedures for network related events and incidents A R 4. Maintain network maintenance schedule A R Reporting 1. Monthly, Automated Availability Report A R 2. Monthly, Automated Capacity Utilisation Report A R 3. Quarterly, Capacity and Performance Analysis and Recommendation Report A R

30 mount points required for the smooth operation of the data storage environment and provider(s) to confirm implementation approach for client’s consideration in giving final Managed Storage Monitoring 1. Monitoring components including availability, performance & capacity thresholds, error rates/retries, status change, file systems, logical volumes, mount-points, service processors and disk controllers; virtual storage pools; LUNs (Logical Unit Numbers), physical storage devices and SAN switches; storage snapshots, replication and mirror copies; and associated storage management software. A R Third Party Vendor Management - Dell 2. Event monitoring – to identify storage devices events which can cause Priority 1 or Priority 2 incidents A R 3. Storage Log monitoring – to identify messages in system logs generated by storage devices which can indicate Priority 1 or Priority 2 incidents A R 4. Availability monitoring – to identify unavailability of physical disks, LUNs, volumes, associated IT systems A R 5. Capacity Threshold Monitoring – to identify prolonged over-utilisation of storage resources above the agreed targeted thresholds e.g. space utilisation I/O latency, disk busy, read/writes A R 6. Configuration Monitoring – to identify unauthorized changes to storage system configurations A R 7. Configuration Monitoring – to identify changes to storage devices configurations outside of Change Management A R 8. Respond to and diagnose the identified events, log messages and threshold alerts. Follow pre-defined work instructions, notification and escalation (functional and hierarchical) procedures A R Health Checks 1. Daily review of systems logs for adverse trends or abnormal messages associated with storage and switch devices A R Will these checks/reports run 7 days a week 2. Weekly review of all replication, shadow copy, snapshot functions to ensure consistent performance A R 3. Weekly check of all storage and switch devices to ensure operating within expected performance parameters, e.g. overall storage sub-systems, IOS, firmware and microcode checks and driver status A R 4. Monthly review of SAN configuration with all mappings of volumes and channels examined A R 5. Any client-specific checks agreed and documented during the Service Definition A R House Keeping 1. Remove temporary files and rotate storage subsystems and storage switch log files A R 2. Maintain storage management policies A R 3. Review space utilisation across logical volumes A R Procedural Documentation 1. Maintain storage devices configurations documentation including SAN diagrams, RAID configurations, LUN configurations, user rights and permissions settings A R 2. Maintain functional and hierarchical escalation procedures for storage devices related events and incidents A R 3. Maintain storage device maintenance schedule A R Capacity Management and Performance Tuning 1. Monthly analysis of storage devices resource utilisation to identify trends and/or performance bottleneck within the storage environment A R 2. Identify actions to optimize physical storage, virtual storage pools and LUN configurations; and improve the interaction between operating system and storage devices through configuration changes, e.g. RAID configuration, stripe unit size, volume layout, I/O performance counters and queue length A R Are the recommended actions included in the service Translate utilisation statistics into Quarterly Capacity and Performance Analysis and Recommendation Report A R Change Management and Implementation 1. Coordinate Change Management Process end-to-end for configuration changes A R 2. Coordinate with the client’s Change Management team to ensure appropriate approval and scheduling of configuration changes are in place A R 3. Assist in the client’s business impact assessment of the change by performing a technical impact assessment, to be taken into account during change approval A R 4. Develop Change Implementation Plan, Back-Out Plan and Post Implementation Test Plan A R 5. Review Change Implementation Plan with the client’s support and maintenance authorization to proceed with the configuration change A R 6. Implement configuration changes using Change Implementation Plan on behalf of clients following the Change Management Process A R 7. Perform Post Implementation Test upon configuration changes A R 8. Notify the client of the completion of the Change Implementation A R 9. Activate Back-Out Plan in the event of unsuccessful configuration changes A R 10. Log, track and report configuration changes made A R 11. Change Request is capped at 3 per storage device per quarter, unless additional changes are purchased A R Reporting 1. Monthly, Automated Availability Report 2. Monthly, Automated Capacity Utilisation Report A R 3. Quarterly, Capacity and Performance Analysis and Recommendation Report A R

31 provider(s) to confirm implementation approach for client’s consideration in giving final Managed Compute Monitoring 1. Subsystem event monitoring – to identify events which can cause Priority 1 or Priority 2 incidents. A R 2. System Log monitoring – to identify system messages about device changes, device drivers, system changes, and operations which can cause Priority 1 or Priority 2 incidents A R 3. Respond to and diagnose the identified events, system log messages and threshold alerts. Follow pre-defined work instructions, notifications and escalation (functional and hierarchical) procedures A R 4. Configuration Monitoring – to identify changes to hardware configurations outside of Change Management A R Health Checks 1. Develop checklist for server hardware and console subsystem health checks A R 2. Daily review of all the server console subsystems and hardware health including memory, processor, power supply, hard disks, fans, and chipset along with the status and message of the subsystem A R 3. Weekly review of system and system event logs for adverse trends or abnormal messages A R 4. Monthly functionality test of existing Out-of-Band Management (OOB) facilities A R House Keeping 1. Review monitored threshold for appropriateness and accuracy. Adjust threshold settings upon approval A R 2. Perform system event logs rotation, archival and temporary files clean up A R Change Management and Implementation 1. Coordinate Change Management Process end-to-end for configuration changes A R 2. Coordinate with the client’s Change Management team to ensure appropriate approval and scheduling of configuration changes are in place A R 3. Assist in the client’s business impact assessment of the change by performing a technical impact assessment, to be taken into account during change approval A R 4. Develop Change Implementation Plan, Back-Out Plan and Post Implementation Test Plan A R 5. Review Change Implementation Plan with the client’s support and maintenance authorization to proceed with the configuration change A R 6. Implement configuration changes using Change Implementation Plan on behalf of clients following the Change Management Process A R 7. Perform Post Implementation Test upon configuration changes A R 8. Notify the client of the completion of the Change Implementation A R 9. Activate Back-Out Plan in the event of unsuccessful configuration changes A R 10. Log, track and report configuration changes made A R 11. Change Request is capped at 1 per physical server per quarter, unless additional changes are purchased A R Access Management 1. Manage all administrative access to console subsystems under Managed Operations Services A R 2. Periodically review and audit usage of administrative account A R Capacity Management Covered Under Managed VMWare and Managed OS A R Procedural Documentation 1. Maintain work instructions for network health checks, housekeeping procedures, custom monitoring parameters and provisioning procedures A R 2. Maintenance of network and network security configurations details including network settings, network routes, firewall rules A R 3. Maintain functional and hierarchical escalation procedures for network related events and incidents A R 4. Maintain network maintenance schedule A R Performance Tuning 1. Identify actions which may improve the interaction between and efficiency of server hardware and operating system through configuration changes, e.g. network adapter settings, TCP parameters, kernel parameters, paging file/ swap space, memory dump, I/O, RAID configuration, logical volume configurations, workload balancing A R 2. Analyse together with the operating system performance report to identify bottleneck issues within the server infrastructure under Managed Operations Service A R 3. Provide tuning recommendations and review with client. A R Patch Management 1. Will be available when clients have valid existing support and maintenance agreement with the server hardware vendor A R 2. Identify the required BIOS, firmware or driver updates A R 3. Create Patch Management Plans for review and agreement with the client A R 4. Test patches on client environments – where no test environments are available, review of patching procedures with vendors A R 5. Deploy patches following Change Management process A R 6. Verify server functionality upon patches deployment and observe for 2 weeks A R Reporting 1. Monthly, Automated Availability Report A R 2. Monthly, Automated Capacity Utilisation Report A R 3. Quarterly, Capacity and Performance Analysis and Recommendation Report A R

32 backups in a timely manner. Analysis storage capacity trends for disk-to-disk backups to Managed Backup Monitoring 1. Monitoring includes availability, event, capacity and performance monitoring of the backup environment: A R 2. Availability monitoring of backup management tools, backup storage devices, e.g. disk storage, tape libraries, tape drives A R 3. Event monitoring – backup errors, validation failures, backup job failures, management tools alerts A R 4. Capacity monitoring – identifying breaches in utilisation thresholds for backup storage devices which may prevent backups from successful completion A R 5. Configuration monitoring – where Managed Operations for Backups is bundled with Managed Operations for OS and Storage, identifying volumes/file systems in use which are not being backed up for review with client A R 6. Performance Monitoring – identifying backup jobs exceeding allowable backup windows in order to take correction action A R 7. Respond to and diagnose the identified events, log messages and threshold alerts. Follow pre-defined work instructions, notification and escalation (functional and hierarchical) procedures A R Health Checks 1. Management of backup schedules on a daily basis to track and manage the completion of backup jobs A R 2. Re-scheduling of failed backups A R 3. Access Management A R 4. Manage backup-specific access accounts to enable successful management of backup schedules A R Change Management and Implementation 1. Coordinate Change Management Process end-to-end for configuration changes A R 2. Coordinate with the client’s Change Management team to ensure appropriate approval and scheduling of configuration changes are in place A R 3. Assist in the client’s business impact assessment of the change by performing a technical impact assessment, to be taken into account during change approval A R 4. Develop Change Implementation Plan, Back-Out Plan and Post Implementation Test Plan A R 5. Review Change Implementation Plan with the client’s support and maintenance provider(s) to confirm implementation approach for client’s consideration in giving final authorization to proceed with the configuration change A R 6. Implement configuration changes using Change Implementation Plan on behalf of clients following the Change Management Process A R 7. Perform Post Implementation Test upon configuration changes A R 8. Notify the client of the completion of the Change Implementation A R 9. Activate Back-Out Plan in the event of unsuccessful configuration changes A R 10. Log, track and report configuration changes made A R 11. Change Requests are capped at 4 per backup instance per month, unless additional changes are purchased A R Procedural Documentation 1. Maintain work instructions for backup management tools, backup scripts/jobs, media libraries (virtual/physical) A R 2. Maintain backup configurations documentation, backup management hierarchical diagrams, backup schedules, media management procedures A R 3. Maintain functional and hierarchical escalation procedures for backup related events and incidents A R House Keeping 1. Perform backup systems logs rotation and archival A R 2. Perform test restores to ensure integrity of backups to client-defined environments A R Monthly Test/Restore 3. Execute ad-hoc and scheduled backup and restore requests upon Change Approval A R 4. Manage Virtual Tape Libraries (VTL) A R 5. Create and maintain media pools (tape, disk) A R 6. Track and manage life cycle of tape media. Monitor tape media utilisation A R Capacity Management Capture and analyse backup capacity data e.g. physical/ virtual media pools/ tape media, backup timings compared to backup windows - to identify adverse trends in achieving identify capacity requirements. A R Performance Tuning Perform adjustments to schedule timing, media pools, tape and storage media to most efficiently complete backup schedule A R Patch Management 1. Identify the required backup software service packs/ patches, bug fixes, security fixes and updates A R Specify both HW and SW 2. Create Patch Management Plan for review and agreement with the client A R 3. Test patches on client environments – where no test environments are available, review of patching procedures with vendors A R 4. Deploy patches following Change Management A R 5. Verify backup software functionality upon patches deployment and observe for 2 weeks. A R Reporting 1. Provide the following reports to facilitate Quarterly Service Review meeting A R 2. Daily Backup Completion Report A R Replication Report to be included (off site copy) 3. Monthly Backup Capacity Utilization Report A R 4. Quarterly Capacity and Performance Analysis and Recommendation Report A R

33 Managed Active Directory Monitoring 1. 24x7x365 proactive monitoring A R 2. Configure standard set of identified events, thresholds and alerting criteria. Ensure events and alerts are automatically generated, displayed on monitoring console and notified to the appropriate personnel according to the pre-defined business rules A R 3. Respond to and diagnose the identified SNMP traps, syslog and threshold breach alerts. A R 4. Follow pre-defined work instructions including notification and escalation procedures A R 5. Access Management A R 6. Management of all administrative account access to the network devices A R 7. Monthly review and audit of account usage. A R 8. Termination of inactive accounts in line with the client’s Information Security Management Policy A R 9. Monthly Inactive Accounts Report A R Health Checks 1. Daily A R a. Monitor Active Directory and related services alerts A R Will these checks be reported daily b. Complete Active Directory Health Check including, Replication, FSMO role availability, time service A R c. Ensure that AAD Connect service is running and review SYNC schedules for jobs A R 2. Monthly A R a. Install latest Microsoft approved patches A R 3. Quarterly A R a. Perform Active Directory Database Management A R b. Perform DHCP/WINS Database Management A R House Keeping 1. Maintain Organisational Unit Structure A R 2. Maintain Group Policies A R 3. Maintain Active Directory Object Life Cycle A R 4. Maintain Delegation Model A R 5. Maintain Domains, Trusts, Sites and Services A R Procedural Documentation 1. Maintain work instructions for network health checks, housekeeping procedures, custom monitoring parameters and provisioning procedures A R 2. Maintenance of network and network security configurations details including network settings, network routes, firewall rules A R 3. Maintain functional and hierarchical escalation procedures for network related events and incidents A R 4. Maintain network maintenance schedule A R Capacity Management and Performance Tuning 1. Capture and analyse operating system capacity data e.g. Average Resource Utilisation and Peak Resource Utilisation for CPU, RAM, I/O, file systems on monthly basis A R 2. Analysis of operating system resource utilisation to identify performance bottlenecks within the operating system instance A R 3. Where applicable, analyse OS performance data with the physical server performance data to identify bottleneck issues within the physical infrastructure A R 4. Identify actions which may improve the interaction between server hardware and operating system through configuration changes e.g. A R 5. Windows OS - network adapter settings, TCP / IP parameters, system parameters, paging, I/O, logical volume configurations, workload balancing A R 6. Translate utilisation statistical trends and analysis into a Quarterly Capacity and Performance Analysis and Recommendation Report A R Change Management and Implementation 1. Coordinate Change Management Process end-to-end for configuration changes A R 2. Coordinate with the client’s Change Management team to ensure appropriate approval and scheduling of configuration changes are in place A R 3. Assist in the client’s business impact assessment of the change by performing a technical impact assessment, to be taken into account during change approval A R 4. Develop Change Implementation Plan, Back-Out Plan and Post Implementation Test Plan A R 5. Review Change Implementation Plan with the client’s support and maintenance provider(s) to confirm implementation approach for client’s consideration in giving final authorization to proceed with the configuration change A R 6. Implement configuration changes using Change Implementation Plan on behalf of clients following the Change Management Process A R 7. Perform Post Implementation Test upon configuration changes A R 8. Notify the client of the completion of the Change Implementation A R 9. Activate Back-Out Plan in the event of unsuccessful configuration changes A R 10. Log, track and report configuration changes made A R 11. Change Request is capped at 1 per server per quarter, unless additional changes are purchased A R Patch Management 1. Identify the required operating system service packs/ patches, security fixes and updates A R 2. Create Patch Management Plan for review and agreement with the client A R 3. Test patches on client environments – where no test environments are available, review of patching procedures with vendors A R 4. Deploy patches following Change Management A R 5. Verify system functionality upon patches deployment and observe for 2 weeks. A R Reporting 1. Monthly, Automated Availability Report A R 2. Monthly, Automated Capacity Utilisation Report A R 3. Quarterly, Capacity and Performance Analysis and Recommendation Report A R

34 provider(s) to confirm implementation approach for client’s consideration in giving final Managed OS Monitoring 1. 24x7x365 proactive monitoring A R 2. Configure standard set of identified events, thresholds and alerting criteria. Ensure events and alerts are automatically generated, displayed on monitoring console and notified to the appropriate personnel according to the pre-defined business rules A R 3. Respond to and diagnose the identified SNMP traps, syslog and threshold breach alerts. A R 4. Follow pre-defined work instructions including notification and escalation procedures A R 5. Access Management A R 6. Management of all administrative account access to the network devices A R 7. Monthly review and audit of account usage. A R 8. Termination of inactive accounts in line with the client’s Information Security Management Policy A R 9. Monthly Inactive Accounts Report A R Health Checks 1. Periodic check of system parameters to ensure they comply to the Standard Operating Environment agreed to with the client A R 2. Periodic check to ensure all core system services/daemon processes are started and running A R House Keeping 1. Rotation of system logs, message logs A R 2. Clean-up of temporary files A R 3. Maintenance of system start-up and shutdown scripts A R 4. Configure & administer TCP/IP network parameters, including Hostname, IP address, Sub-Net and other server networking configurations A R Access Management Management of all privileged account access to the operating system, e.g. Windows Administrator. A R Procedural Documentation 1. Maintenance of operating system configurations details including network settings, system/kernel parameters, mounted volumes, user rights and permissions settings A R 2. Maintain functional and hierarchical escalation procedures for operating system related events and incidents A R 3. Maintain operating system maintenance schedule A R Capacity Management and Performance Tuning 1. Capture and analyse operating system capacity data e.g. Average Resource Utilisation and Peak Resource Utilisation for CPU, RAM, I/O, file systems on monthly basis A R 2. Analysis of operating system resource utilisation to identify performance bottlenecks within the operating system instance A R 3. Where applicable, analyse OS performance data with the physical server performance data to identify bottleneck issues within the physical infrastructure A R 4. Identify actions which may improve the interaction between server hardware and operating system through configuration changes e.g. A R 5. Windows OS - network adapter settings, TCP / IP parameters, system parameters, paging, I/O, logical volume configurations, workload balancing A R 6. Translate utilisation statistical trends and analysis into a Quarterly Capacity and Performance Analysis and Recommendation Report A R Change Management and Implementation 1. Coordinate Change Management Process end-to-end for configuration changes A R 2. Coordinate with the client’s Change Management team to ensure appropriate approval and scheduling of configuration changes are in place A R 3. Assist in the client’s business impact assessment of the change by performing a technical impact assessment, to be taken into account during change approval A R 4. Develop Change Implementation Plan, Back-Out Plan and Post Implementation Test Plan A R 5. Review Change Implementation Plan with the client’s support and maintenance authorization to proceed with the configuration change A R 6. Implement configuration changes using Change Implementation Plan on behalf of clients following the Change Management Process A R 7. Perform Post Implementation Test upon configuration changes A R 8. Notify the client of the completion of the Change Implementation A R 9. Activate Back-Out Plan in the event of unsuccessful configuration changes A R 10. Log, track and report configuration changes made A R 11. Change Request is capped at 1 per server per quarter, unless additional changes are purchased A R Patch Management 1. Identify the required operating system service packs/ patches, security fixes and updates A R 2. Create Patch Management Plan for review and agreement with the client A R 3. Test patches on client environments – where no test environments are available, review of patching procedures with vendors A R 4. Deploy patches following Change Management A R 5. Verify operating system functionality upon patches deployment and observe for 2 weeks. A R Reporting 1. Monthly, Automated Availability Report A R 2. Monthly, Automated Capacity Utilisation Report A R 3. Quarterly, Capacity and Performance Analysis and Recommendation Report A R

35 Managed Exchange Monitoring 1. 24x7x365 proactive monitoring A R 2. Configure standard set of identified events, thresholds and alerting criteria. Ensure events and alerts are automatically generated, displayed on monitoring console and notified to the appropriate personnel according to the pre-defined business rules A R 3. Respond to and diagnose the identified SNMP traps, syslog and threshold breach alerts. A R 4. Follow pre-defined work instructions including notification and escalation procedures A R 5. Access Management A R 6. Management of all administrative account access to the network devices A R 7. Monthly review and audit of account usage. A R 8. Termination of inactive accounts in line with the client’s Information Security Management Policy A R 9. Monthly Inactive Accounts Report A R Health Checks 1. Daily A R a. Daily Exchange Health Checks A R b. Monitoring the performance and availability of the Exchange servers A R c. Monitoring event logs and responding to problems encountered A R 2. Monthly A R a. System Patch Management A R 3. Quarterly A R a. Exchange system health audits A R 4. Bi-Annually A R a. Installation of Service Packs A R House Keeping 1. Management of non-user mailboxes A R 2. Global settings – configure system-wide settings for all servers and recipients in an Exchange organisation A R 3. Recipients – manage address lists, offline address lists, recipient update services and recipient policies A R 4. Administrative groups – manage the permissions of administrative groups that contain policies, routing groups, public folder hierarchies, and servers A R 5. Database Availability Groups (DAG) – manage database copies, active database failovers, DAG networks A R 6. Servers – administer server-specific configuration objects such as Queues, Mailbox stores, Public Folder stores, and Protocols information A R 7. System policies – administer the configuration settings that you apply to one or more servers, mailbox stores, or public folder stores. For example, to enable message tracking across multiple servers, a single policy can be defined instead of performing the lengthy task of setting individual policies to enable message tracking on each server A R 8. Send & Receive Connectors to manage internal & external mail flow, managed mail relays A R 9. Folders – administer access to public folder stores A R 10. Resource Mailboxes - administer auto-attendant features and types of mailboxes. A R Procedural Documentation 1. Maintain work instructions for network health checks, housekeeping procedures, custom monitoring parameters and provisioning procedures A R 2. Maintenance of network and network security configurations details including network settings, network routes, firewall rules A R 3. Maintain functional and hierarchical escalation procedures for network related events and incidents A R 4. Maintain network maintenance schedule A R Capacity Management and Performance Tuning 1. Capture and analyse operating system capacity data e.g. Average Resource Utilisation and Peak Resource Utilisation for CPU, RAM, I/O, file systems on monthly basis A R 2. Analysis of operating system resource utilisation to identify performance bottlenecks within the operating system instance A R 3. Where applicable, analyse OS performance data with the physical server performance data to identify bottleneck issues within the physical infrastructure A R 4. Identify actions which may improve the interaction between server hardware and operating system through configuration changes e.g. A R 5. Windows OS - network adapter settings, TCP / IP parameters, system parameters, paging, I/O, logical volume configurations, workload balancing A R 6. Translate utilisation statistical trends and analysis into a Quarterly Capacity and Performance Analysis and Recommendation Report A R Change Management and Implementation 1. Coordinate Change Management Process end-to-end for configuration changes A R 2. Coordinate with the client’s Change Management team to ensure appropriate approval and scheduling of configuration changes are in place A R 3. Assist in the client’s business impact assessment of the change by performing a technical impact assessment, to be taken into account during change approval A R 4. Develop Change Implementation Plan, Back-Out Plan and Post Implementation Test Plan A R 5. Review Change Implementation Plan with the client’s support and maintenance provider(s) to confirm implementation approach for client’s consideration in giving final authorization to proceed with the configuration change A R 6. Implement configuration changes using Change Implementation Plan on behalf of clients following the Change Management Process A R 7. Perform Post Implementation Test upon configuration changes A R 8. Notify the client of the completion of the Change Implementation A R 9. Activate Back-Out Plan in the event of unsuccessful configuration changes A R 10. Log, track and report configuration changes made A R 11. Change Request is capped at 1 per server per quarter, unless additional changes are purchased A R Patch Management 1. Identify the required operating system service packs/ patches, security fixes and updates A R 2. Create Patch Management Plan for review and agreement with the client A R 3. Test patches on client environments – where no test environments are available, review of patching procedures with vendors A R 4. Deploy patches following Change Management A R 5. Verify system functionality upon patches deployment and observe for 2 weeks. A R Reporting 1. Monthly, Automated Availability Report A R 2. Monthly, Automated Capacity Utilisation Report A R 3. Quarterly, Capacity and Performance Analysis and Recommendation Report A R

36 provider(s) to confirm implementation approach for client’s consideration in giving final Managed DR Monitoring 1. Monitoring includes availability, event, capacity and performance monitoring of the environment: A R 2. Availability monitoring of replication management tools, storage devices, e.g. disk storage. A R 3. Event monitoring – replication errors, validation failures, job failures, management tools alerts A R 4. Capacity monitoring – identifying breaches in utilisation thresholds for replication storage devices which may prevent replication from successful completion A R 5. Performance Monitoring – identifying replication jobs exceeding allowable replication windows in order to take correction action A R 6. Respond to and diagnose the identified events, log messages and threshold alerts. Follow pre-defined work instructions, notification and escalation (functional and hierarchical) procedures. A R Health Checks 1. Periodic check of system parameters to ensure they comply to the Standard Operating Environment agreed to with the client A R 2. Periodic check to ensure all core system services/daemon processes are started and running A R House Keeping 1. Rotation of system logs, message logs A R 2. Clean-up of temporary files A R 3. Configure & administer TCP/IP network parameters, including Hostname, IP address, Sub-Net and other server networking configurations A R Access Management 1. Management of all privileged account access to the system, e.g. Administrator. A R 2. Creation/ Modification/ Deletion of user accounts in line with the client’s Information Security Management Policy A R Procedural Documentation 1. Maintain work instructions for network health checks, housekeeping procedures, custom monitoring parameters and provisioning procedures A R 2. Maintenance of network and network security configurations details including network settings, network routes, firewall rules A R 3. Maintain functional and hierarchical escalation procedures for network related events and incidents A R 4. Maintain network maintenance schedule A R Capacity Management and Performance Tuning 1. Capture and analyse system capacity data e.g. Average Resource Utilisation and Peak Resource Utilisation for CPU, RAM, I/O, file systems on monthly basis A R 2. Analysis of system resource utilisation to identify performance bottlenecks within the system instance A R 3. Where applicable, analyse performance data with the server performance data to identify bottleneck issues within the physical infrastructure A R 4. Identify actions which may improve the interaction between server hardware and the system through configuration changes e.g. A R 5. Network adapter settings, TCP / IP parameters, system parameters, paging, I/O, logical volume configurations, workload balancing A R 6. Translate utilisation statistical trends and analysis into a Quarterly Capacity and Performance Analysis and Recommendation Report A R Change Management and Implementation 1. Coordinate Change Management Process end-to-end for configuration changes A R 2. Coordinate with the client’s Change Management team to ensure appropriate approval and scheduling of configuration changes are in place A R 3. Assist in the client’s business impact assessment of the change by performing a technical impact assessment, to be taken into account during change approval A R 4. Develop Change Implementation Plan, Back-Out Plan and Post Implementation Test Plan A R 5. Review Change Implementation Plan with the client’s support and maintenance authorization to proceed with the configuration change A R 6. Implement configuration changes using Change Implementation Plan on behalf of clients following the Change Management Process A R 7. Perform Post Implementation Test upon configuration changes A R 8. Notify the client of the completion of the Change Implementation A R 9. Activate Back-Out Plan in the event of unsuccessful configuration changes A R 10. Log, track and report configuration changes made A R 11. Change Request is capped at 1 per quarter, unless additional changes are purchased A R Patch Management 1. Identify the required system service packs/ patches, security fixes and updates A R 2. Create Patch Management Plan for review and agreement with the client A R 3. Deploy patches following Change Management A R 4. Verify system functionality upon patches deployment and observe for 2 weeks. A R Reporting 1. Monthly, Automated Availability Report A R 2. Monthly, Automated Capacity Utilisation Report A R 3. Quarterly, Capacity and Performance Analysis and Recommendation Report A R Additional Services OS Patching* 1. Identify the required operating system service packs/ patches, security fixes and updates A R 2. Create Patch Management Plan for review and agreement with the client A R 3. Test patches on client environments – where no test environments are available, review of patching procedures with vendors A R 4. Deploy patches following Change Management A R 5. Verify operating system functionality upon patches deployment and observe for 2 weeks. A R Service Delivery Management 8 Hours of SDM time allocated per month A/R Connectivity A/R

Annexure E FEES

1. Company Secretarial Services

1.1. The fees for the Company Secretarial Services shall, subject to paragraph 1.2 of this Annexure E, consist of a fixed fee of R197 916.66 per month, payable monthly in arrears for the duration of this Agreement (or until the Company Secretarial Services are cancelled in terms of clause 6.2.2, if earlier).

1.2. The fee contemplated in paragraph 1.1of this Annexure E, for the month in which the Commencement Date occurs, shall be pro-rated downwards in accordance with the number of days remaining from the Commencement Date to the end of such month (both days inclusive).

2. IA Services

2.1. The fees for the IA Services shall consist of three components, as set out in paragraphs 2.2, 2.3 and 2.4 of this Annexure E respectively.

2.2. A fixed aggregate amount of R50 000 (“2018 IA Fixed Fee”) in respect of the period from the Commencement Date until 31 December 2018, payable monthly in arrears for each month during such period, as follows:

2.2.1. subject to paragraphs 2.2.2 and 2.2.3 of this Annexure E, in monthly amounts each equal to the 2018 IA Fixed Fee divided by the number of months remaining from the month in which the Commencement Date occurs until December 2018 (both months inclusive);

2.2.2. the monthly amount for the month in which the Commencement Date occurs shall be pro-rated downwards in accordance with the number of days remaining from the Commencement Date to the end of such month (both days inclusive);

2.2.3. the monthly amount for December 2018 (or, if earlier, the month in which this Agreement terminates or during which the IA Services are cancelled in terms of clause 6.2.2) shall be an amount equal to the 2018 IA Fixed Fee less the aggregate of all payments by then already made in terms of this paragraph 2.2.

2.3. A fixed aggregate amount of R25 000 (“2019 IA Fixed Fee”) in respect of the period from 1 January 2019 until the earlier of the date on which this Agreement terminates or the date that the IA Services are cancelled in terms of clause 6.2.2), payable monthly in arrears for each month during such period, as follows:

2.3.1. subject to paragraph 2.3.2 of this Annexure E, in monthly amounts each equal to R2 083.33;

2.3.2. the monthly amount for the month in which this Agreement terminates or during which the IA Services are cancelled in terms of clause 6.2.2, shall be an amount equal to the 2019 IA Fixed Fee less the aggregate of all payments by then already made in terms of this paragraph 2.3.

2.4. A variable amount for the period from 1 January 2019 until the earlier of the date on which this Agreement terminates or the date that the IA Services are cancelled in terms of clause 6.2.2, payable as a single lump sum in arrears following the end of such period, equal to:

2.4.1. if the number of IA assignments completed by GL during such period (“Completed Assignments”) is between 12 and 15 (both numbers inclusive), an amount of R250 000;

2.4.2. if the number of Completed Assignments is less than 12, an amount equal to:

R250 000 – ((R16 666.67 * (12 – number of Completed Assignments)); or

2.4.3. if the number of Completed Assignments is greater than 15, an amount equal to:

R250 000 + ((R16 666.67 * (number of Completed Assignments - 15)).

3. SOX Project

3.1. A fixed aggregate amount of R900 000 (“2018 SOX Fixed Fee”) in respect of the period from the Commencement Date until 31 December 2018, payable monthly in arrears for each month during such period, as follows:

3.1.1. subject to paragraphs 3.1.2 and 3.1.3 of this Annexure E, in monthly amounts each equal to the 2018 SOX Fixed Fee divided by the number of months remaining from the month in which the Commencement Date occurs until December 2018 (both months inclusive);

3.1.2. the monthly amount for the month in which the Commencement Date occurs shall be pro-rated downwards in accordance with the number of days remaining from the Commencement Date to the end of such month (both days inclusive);

3.1.3. the monthly amount for December 2018 (or, if earlier, the month in which this Agreement terminates or during which the implementation of the SOX Project is cancelled in terms of clause 6.2.2) shall be an amount equal to the 2018 SOX Fixed Fee less the aggregate of all payments by then already made in terms of this paragraph 3.1.

3.2. A fixed aggregate amount of R1 500 000 (“2019 SOX Fixed Fee”) in respect of the period from 1 January 2019 until the earlier of the date on which this Agreement terminates or the

date that the implementation of the SOX Project is cancelled in terms of clause 6.2.2), payable monthly in arrears for each month during such period, as follows:

3.2.1. subject to paragraph 2.3.2 of this Annexure E, in monthly amounts each equal to R125 000;

3.2.2. the monthly amount for the month in which this Agreement terminates or during which the implementation of the SOX Project is cancelled in terms of clause 6.2.2, shall be an amount equal to the 2019 SOX Fixed Fee less the aggregate of all payments by then already made in terms of this paragraph 3.2.

4. IT Services

4.1. The fees for the IT Services shall consist of:

4.1.1. a fee for the month in which the Commencement Date occurs, equal to R175 643.38 pro-rated downwards in accordance with the number of days remaining from the Commencement Date to the end of such month (both days inclusive)

4.1.2. a fixed monthly fee of R160 163.38 for the period from the month after the month in which the Commencement Date occurs until December 2018 (both months inclusive); and

4.1.3. a fixed fee of R54 825.00 per month for the period from January 2019 until the month in which this Agreement is terminated (or until the IT Services are cancelled in terms of clause 6.2.2, if earlier) (both months inclusive).