Data Security Audits. Passport shall audit its compliance against data protection and information security standards on a regular basis. Upon Customer’s written request, and subject to obligations of confidentiality, Passport will temporarily make available to Customer a summary of its most recent relevant audit report, and/or other documentation reasonably required by Customer which Passport makes generally available to its Customers, so that Customer can verify Passport’s compliance with this Agreement subject to confidentiality rights and concerns. Passport shall provide accurate and honest responses to Customer’s reasonable questions related to data protection and information security measures or controls arising out of or related to the audit report or related to Passport’s compliance with this Agreement, as well as any applicable laws or industry standards, within ten (10) business days.
Data Security Audits iService represents that it will retain a certified public accounting firm to perform an annual audit of the System’s data protection features and to provide a SOC 2 Type II report, pursuant to the standards of the American Institute of Certified Public Accountants (the “AICPA”), or such other report as AICPA may promulgate to replace SOC 2 Type II. Reasonably promptly after Dealer’s request, iService will provide a copy of its most recent such report, provided such report will be iService’s Confidential Information pursuant to Article 9 below.
Data Security Audits. OEM may request no more than once a calendar year upon ten days written notice to ISS (unless additional audits or shorter notice is required, in each case, due to a Security Incident, but in no case less than reasonable notice (and for the avoidance of doubt, the Parties agree that there will be no more than one audit per Security Incident)), that ISS provide (and will cause its affiliates, agents, or subcontractors to provide) OEM (or its designated representatives) with access to facilities, systems, data backups, records and supporting documentation in order to audit ISS’ (and/or its subcontractors') compliance with its obligations under this Section 5 during normal business hours. Audits shall be conducted in a manner that minimizes any disruption of ISS’s performance of services and other normal operations. ISS shall take proper steps to address any control weaknesses identified by OEM as a result of such audit. The results of any such audit shall be deemed ISS’ Confidential Information and protected as such under Section 12.9.
Data Security Audits. To ensure Business Associate’s compliance with the Privacy Regulations and Security Regulations at its sole expense, Allina will have the right to conduct an annual data security audit at Business Associate’s site during the term of this Agreement. The data security audit will be conducted by Allina during Business Associate’s regular business hours and upon reasonable advance notice to Business Associate. In addition to the above, Allina will have the right to conduct a six (6) month follow-up on-site data security audit if problems are identified during any annual audit.
Data Security Audits. In accordance with the NACHA Rules, Company is required to conduct, or cause to be conducted, no less frequently than annually, a data security audit to ensure that the financial information that Company obtains from Receivers is protected by security practices that include adequate levels of: (i) physical security to protect against theft, tampering, or damage; (ii) personnel and access controls to protect against unauthorized access and use; and (iii) network security to ensure secure capture, transmission, distribution, and storage until destruction of financial information. More specific details of the audit requirements are set forth in the User Guide.
Data Security Audits. Arctic Wolf shall audit its compliance against data protection and information security standards in accordance with the controls and processes set forth in its SOC2 Report. Upon Customer’s written request, and subject to obligations of confidentiality, Arctic Wolf will temporarily make available to Customer a summary of its most recent relevant audit report, and/or other documentation reasonably required by Customer which Arctic Wolf makes generally available to its Customers, so that Customer can verify Arctic Wolf’s compliance with this Agreement. Arctic Wolf shall provide accurate and honest responses to Customer’s reasonable questions related to data protection and information security measures or controls arising out of or related to the audit report or related to Arctic Wolf’s compliance with this Agreement, as well as any applicable laws or industry standards, within ten (10) business days.
