A company has received the results of an external vulnerability scan from its approved scanning vendor. The company is required to remediate these vulnerabilities for clients within 72 hours of acknowledgement of the scan results. Which of the following contract breaches would result if this remediation is not provided for clients within the time frame?
A. Service level agreement
B. Regulatory compliance
C. Memorandum of understanding
D. Organizational governance