Audit Obligations. Each party (the “Audited Party”) agrees to permit the other (the “Auditing Party”), using a mutually-acceptable third party auditor, to audit its compliance with this Article V during regular business hours upon reasonable notice to the Audited Party. The Audited Party shall provide to the Auditing Party’s auditor copies of audits and system test results acquired by the Audited Party in relation to the data security policies and procedures designed to meet the requirements set forth above. Any audit performed hereunder shall be at the cost of the Auditing Party.
Audit Obligations. (1) Supplier shall document and, upon request, prove to Company (at Company's expense) Supplier’s compliance with the obligations agreed upon in this DPA by appropriate methods, provided that Company shall not issue such a request more than once per year. Company and Supplier agree that documentation and proof can be submitted through the production of the following documentation and/or certifications: - conducting an self-audit - internal compliance regulations including external proof of compliance with these regulations - certifications on data protection and/or information security (e.g. ISO 27001) - codes of conduct approved in accordance with Article 40 of the GDPR - certifications in accordance with Article 42 of the GDPR.
Audit Obligations. Controller shall, prior to the commencement of Processing, and at regular intervals thereafter, audit the technical and organisational measures taken by Processor, and shall document the resulting findings. For such purpose, Controller may, e.g., • obtain information from the Processor: • request Processor to submit to Controller an existing attestation or certificate by an independent professional expert; or • upon reasonable and timely advance agreement, during regular business hours and without interrupting Processor’s business operations, conduct an on-site inspection of Processor’s business operations or have the same conducted by a qualified third party which shall not be a competitor of Processor (as determined by the Processor). Processor shall, upon Controller’s written request and within a reasonable period of time, provide Controller with all information necessary for such audit.
Audit Obligations. The Data Controller may, prior to the commencement of Processing, and in regular intervals thereafter, audit the technical and organizational measures taken by the Data Processor, and will document the resulting findings. For such purpose, the Data Controller will collect voluntary disclosures from the Data Processor. The Data Controller will: (i) ensure that any information request, audit or inspection is undertaken within normal business hours (unless such other time is mandated by a competent data protection regulator) with minimal disruption to Data Processor’s and/or its Sub-Processors’ businesses, and acknowledging that such information request, audit or inspection: (a) will not oblige Data Processor to provide or permit access to information concerning Data Processor’s internal business information or relating to other recipients of services from the Data Processor; and (b) shall be subject to any reasonable policies, procedures or instructions of Data Processor or its Sub-Processors for the purposes of preserving security and confidentiality; and (ii) provide Data Processor at least 30 days’ prior written notice of an information request and/or audit or inspection (unless the competent data protection regulator provides Data Controller with less than 30 days’ notice, in which case Data Controller shall provide Data Processor with as much notice as possible). If any information request, audit or inspection relates to systems provided by or on the premises of Data Processor’s Sub-Processors, the scope of such information request, audit and/or inspection will be as permitted under the relevant agreement in place between Data Processor and the Sub-Processor. A maximum of one information request, audit and/or inspection may be requested by Data Controller in any twelve (12) month period unless an additional information request, audit and/or inspection is mandated by a competent data protection regulator in writing. The Data Processor will cooperate with the Controller in the sense of Art. 28 III h GDPR in the facilitation of any audit or inspection or other work undertaken pursuant to Data Processor’s obligations under this Agreement.
Audit Obligations. During the Term, on an annual basis, ThoughtFarmer will engage a certified professional accounting firm to perform an annual audit of ThoughtFarmer’s data protection features and provide a SOC 2 Type I or SOC 2 Type II report, pursuant to the standards of American Institute of CPAs (“AICPA”), to Customer following receipt from the accounting firm. If AICPA revises its relevant reporting standards, ThoughtFarmer shall obtain and make available the report that then most closely resembles a SOC 2 report.
Audit Obligations. 11.1. Within one hundred twenty (120) days after the end of CCNMS fiscal year, for each fiscal year in which payments are to be made by CCS to CCNMS pursuant to this Agreement, CCNMS may retain an independent audit firm to audit the records of CCS and to prepare a report to be delivered to both parties simultaneously, which report shall set forth the amounts paid and/or due but not paid by CCS and to CCNMS pursuant to this Agreement during the fiscal year. Subject to paragraph 11.2 below, CCNMS shall pay for its own audit and the preparation of the report on its own records.
Audit Obligations. (a) To the extent that any audit of the Contract Area is carried out by the Government in respect of any period prior to the Economic Date which results in Obligations being incurred by the Purchaser (and/or 20 its Affiliates), the Seller shall reimburse and indemnify the Purchaser and the Purchaser’s Affiliates in respect thereof up to a maximum liability of two hundred and fifty thousand Dollars (US$250,000).
Audit Obligations. 7.1 The Subscriber can, prior to the commencement of the processing of data and at regular intervals thereafter, audit the technical and organisational measures implemented by Honeywell Homes and shall document the result of such audit.
Audit Obligations. 7.1. Provider shall, prior to the commencement of Processing, and in regular intervals thereafter, audit the technical and organizational measures taken by SAP, and shall document the resulting findings.
Audit Obligations. (1) Company shall, prior to the commencement of the processing of data and at regular intervals thereafter once a year at the maximum, audit the technical and organisational measures implemented by Supplier and shall document the result of such audit. In the course of such audit, Company may, in particular, conduct the following measures, but shall not be limited to the same: Company may obtain information from Supplier. Company may request Supplier to submit to Company an existing attestation or certificate by an independent professional expert. Company may, upon reasonable and timely advance agreement, during regular business hours and without interrupting Supplier’s business operations, conduct an on-site inspection of Supplier’s business operations or have the same conducted by a qualified third party which shall not be a competitor of Supplier.
