Common use of Additional Audits Clause in Contracts

Additional Audits. Vendor shall provide support for additional various audits on an annual routine basis. Such additional audits may include, but are not limited to, third party assessments to achieve FISMA authorization, continuous monitoring, penetration testing, independent verification and validation of the system, and the annual FISMA audit subject to NIST SP 800-53 Rev 5. Such assistance shall include but shall not be limited to: (a) documenting Vendor’s internal controls and procedures related to the Services; (b) cooperating with any USAC Auditor or inspector in connection with testing the effectiveness of such controls and procedures; (c) making at least quarterly representations to USAC regarding any significant changes to such controls and procedures; (d) correcting any material weakness or significant deficiency as defined by the Vendor Controls and FISMA or any other deficiency that would prevent USAC from complying with Law; and (e) cooperating with USAC Auditors in connection with the issuance of the reports described in the Privacy and Security Addendum.. Vendor shall promptly remediate any weakness identified in any audit report, in no event later than recommended or demanded by the auditors. [FISMA and NIST are defined in the Privacy and Security Addendum.]

Additional Audits. Vendor shall provide support for additional various audits on an annual routine basis. Such additional audits may include, but are not limited to, third party assessments to achieve FISMA authorizationaccreditation, continuous monitoring, penetration testing, independent verification and validation of the system, and the annual FISMA audit subject to NIST SP 800-53 Rev 5. Such assistance shall include but shall not be limited to: (a) documenting Vendor’s internal controls and procedures related to the Services; (b) cooperating with any USAC Auditor or inspector in connection with testing the effectiveness of such controls and procedures; (c) making at least quarterly representations to USAC regarding any significant changes to such controls and procedures; (d) correcting any material weakness or significant deficiency as defined by the Vendor Controls and FISMA or any other deficiency that would prevent USAC from complying with Law; and (e) cooperating with USAC Auditors in connection with the issuance of the reports described in the Privacy and Security Addendum.. Section 16.18. Vendor shall promptly remediate any weakness identified in any audit report, in no event later than recommended or demanded by the auditors. [FISMA and NIST are defined in the Privacy and Security Addendum.]

Additional Audits. Vendor shall provide support for additional various audits on an annual routine basis. Such additional audits may include, but are not limited to, third party assessments to achieve FISMA authorization, continuous monitoring, penetration testing, independent verification and validation of the system, and the annual FISMA audit subject to NIST SP 800-53 Rev 5. Such assistance shall include but shall not be limited to: (a) documenting Vendor’s internal controls and procedures related to the Services; (b) cooperating with any USAC Auditor or inspector in connection with testing the effectiveness of such controls and procedures; (c) making at least quarterly representations to USAC regarding any significant changes to such controls and procedures; (d) correcting any material weakness or significant deficiency as defined by the Vendor Controls and FISMA or any other deficiency that would prevent USAC from complying with Law; and (e) cooperating with USAC Auditors in connection with the issuance of the reports described in the Privacy and Security Addendum.. Section 16.18. Vendor shall promptly remediate any weakness identified in any audit report, in no event later than recommended or demanded by the auditors. [FISMA and NIST are defined in the Privacy and Security Addendum.]