Data Center Audit. The Contractor shall perform an independent audit of its data centers at least annually at its expense, and provide an unredacted version of the audit report upon request to a Purchasing Entity. The Contractor may remove its proprietary information from the unredacted version. A Service Organization Control (SOC) 2 audit report or approved equivalent sets the minimum level of a third-party audit.
Data Center Audit. The contractor shall perform an annual independent audit of its data center(s) where Data, State applications, or other State information is maintained. The contractor shall perform this independent audit at its expense and shall, upon completion, provide an unredacted version of the complete audit report to the State. (The contractor may redact its proprietary information from the unredacted version, however.) A Service Organization Control (SOC) 2 audit report or equivalent approved by the Indiana Office of Technology sets the minimum level of a third-party audit. The State may perform an annual audit of contractor’s data center(s) where Data, State applications, or other State information is maintained. The audit may take place onsite or remotely, at the State’s discretion. The State shall provide to contractor thirty (30) days’ advance notice prior to the audit. The contractor will make reasonable efforts to facilitate the audit and will make available to the State members of its staff during the audit. The State may contract with a third party to conduct the audit at its discretion and at the State’s expense. If the contractor maintains Data, State applications, or other State information at multiple data centers, the State may perform an annual audit of each data center. The parties agree that any documents provided to the State under this paragraph shall be deemed a trade secret of contractor and is deemed administrative or technical information that would jeopardize a record keeping or security system, and shall be exempt from disclosure under the Indiana Access to Public Records Act, IC 5-14-3.
Data Center Audit. The service provider shall ensure an independent audit of its data centers is performed at least annually and will provide a redacted version of the audit report upon request. The service provider may remove its proprietary information from the redacted version. A Service Organization Control (SOC) 2 audit report or approved equivalent sets the minimum level of this third-party audit.
Data Center Audit. The Contractor shall perform an annual independent audit of its data center(s) where Data, State applications, or other State information is maintained. The Contractor shall perform this independent audit at its expense and shall, upon completion, provide an unredacted version of the complete audit report to the State. (The Contractor may redact its proprietary information from the unredacted version, however.) A Service Organization Control (SOC) 2 audit report or equivalent approved by the Indiana Office of Technology sets the minimum level of a third-party audit. The parties agree that any documents provided to the State under this paragraph shall be deemed a trade secret of contractor and is deemed administrative or technical information that would jeopardize a record keeping or security system, and shall be exempt from disclosure under the Indiana Access to Public Records Act, IC 5-14-3.
Data Center Audit. NAVITAIRE will provide Customer with [CONFIDENTIAL PORTION OMITTED AND FILED SEPARATELY WITH NAVITAIRE Proprietary and Confidential Hosted Services Agreement Exhibit 4.28 THE COMMISSION PURSUANT TO A REQUEST FOR CONFIDENTIAL TREATMENT] SOC 2 “Report on Controls at a Service Organization” report, valued at [CONFIDENTIAL PORTION OMITTED AND FILED SEPARATELY WITH THE COMMISSION PURSUANT TO A REQUEST FOR CONFIDENTIAL TREATMENT] available for delivery to Customer, [CONFIDENTIAL PORTION OMITTED AND FILED SEPARATELY WITH THE COMMISSION PURSUANT TO A REQUEST FOR CONFIDENTIAL TREATMENT], upon completion by the reporting agency Ernst and Young. The estimated completion date is [CONFIDENTIAL PORTION OMITTED AND FILED SEPARATELY WITH THE COMMISSION PURSUANT TO A REQUEST FOR CONFIDENTIAL TREATMENT].
Data Center Audit. From time to time, but at least once a year, the Service Provider shall retain external auditors to verify its security measures at its own expense. The Service Provider shall provide a version of the report issued by the external auditors, may not be redacted, upon request. In the event the audit report contains the Service Provider’s proprietary information, the State acknowledges that such information is Confidential Information and the audit report shall be disclosed only upon execution of a mutual non-disclosure agreement. If the State of Eligible Public Entity receives a California Public Records Act request for the audit report, the State and Eligible Public Entity shall provide the Service Provider reasonable written notice to permit the Service Provider to enable the Service Provider to take steps to prevent the disclosure of such information to the maximum extent permitted by law, including exemption from disclosures pursuant to §6254 (aa) and (ab) and Stats 2005 ch 476 Section 2.
Data Center Audit. From time to time, but at least once per year, the Service Provider shall retain external auditors to verify its security measures (e.g., in a Statement on Standards for Attestation Engagements (SSAE) No. 16 Service Organization Control (SOC) 2 Type II audit of its data centers, or its successor or similar audit as determined by Service Provider) at its own expense. The Service Provider shall provide a version of the report(s) issued by the external auditors (which may or may not be redacted) upon request. The Service Provider may or may not remove its proprietary information from the redacted version; the State acknowledges that such information is Confidential Information and subject to the Mutual NDA (Exhibit C). If a request for the contents of, or other information relating to, this Contract is made under the California Public Records Act, the Government will provide the Service Provider with reasonable written notice to permit the Service Provider to prevent against the disclosure of such information to the maximum extent permitted under applicable law.
Data Center Audit. As of the date of the proposal, Microsoft has achieved FedRAMP High ATO for Azure Government Services as set forth at the Microsoft Trust Center Compliance page for Microsoft Trust Center Compliance page for FedRAMP at xxxxx://xxx.xxxxxxxxx.xxx/enus/trustcenter/compliance/fedramp. Microsoft anticipates commencement of the process for annual Statement on Standards for Attestation Engagements (SSAE) No. 16 Service Organization Control (SOC) 2 Type II audits of its data centers, or the applicable successor to such SSAE standard. While SSAE 16 audits are not currently performed, Microsoft will be able to demonstrate to the State a mapping of the FedRAMP control standards with their corresponding SSAE 16 standards, in order to demonstrate compliance with the intent of this requirement. All such audits will be at Microsoft’s own expense. The Service Provider shall provide a redacted version of the audit report and Service Provider’s plan to correct any negative findings upon request after receipt of a signed confidential nondisclosure agreement from the State. The Service Provider may remove its proprietary information from the redacted version.
Data Center Audit. The contractor shall perform an annual independent audit of its data center(s) where Data, State applications, or other State information is maintained. The contractor shall perform this independent audit at its expense and shall, upon completion, provide an unredacted version of the complete audit report to the State. (The contractor may redact its proprietary information from the unredacted version, however.) A Service Organization Control (SOC) 2 audit report or equivalent approved by OCIO sets the minimum level of a third-party audit. The State may perform an annual audit of contractor’s data center(s) where Data, State applications, or other State information is maintained. The audit may take place onsite or remotely, at the State’s discretion. The State shall provide to contractor thirty (30) days’ advance notice prior to the audit. The contractor will make reasonable efforts to facilitate the audit and will make available to the State members of its staff during the audit. The State may contract with a third party to conduct the audit at its discretion and at the State’s expense. If the contractor maintains Data, State applications, or other State information at multiple data centers, the State may perform an annual audit of each data center.
Data Center Audit. The Provider shall have an independent third party audit of its data center(s) performed at least annually at their own expense, and provide the audit report to the State upon request.
