SSAE Sample Clauses
The SSAE clause refers to requirements related to the Statement on Standards for Attestation Engagements, which are professional standards for attestation services such as SOC 1 or SOC 2 reports. This clause typically obligates a service provider to undergo regular independent audits and provide the resulting SSAE reports to the client, demonstrating the effectiveness of their internal controls over financial reporting or data security. By including this clause, the agreement ensures transparency and accountability, giving clients assurance that the service provider maintains adequate controls and complies with industry standards.
POPULAR SAMPLE Copied 2 times
SSAE. At least on a yearly basis during the Term, after the Stub Period described above has ended, BNY Mellon shall, at its cost and expense, engage an internationally recognized third-party auditor to provide a Statement on Standards for Attestation Engagements No. 18 SOC 1 Type II (“SSAE”) report that covers each Service Location used to provide the Services. As soon as reasonably practicable following BNY Mellon’s receipt of any such SSAE report during the Term, BNY Mellon shall provide Voya and its external auditors with a copy of such report to the extent related to the provision or receipt of the Services. Upon Voya’s reasonable request, BNY Mellon shall deliver to Voya a bridge letter from an appropriate representative of BNY Mellon stating that, to the best of such person’s knowledge, there have been no changes to BNY Mellon’s internal controls, as described in the most recent SSAE report provided by BNY Mellon’s independent auditors (and as provided to Voya), which would materially or adversely affect the internal control environment. Each SSAE report shall be deemed to be the Confidential Information of BNY Mellon.
SSAE. Each year, at Supplier’s cost and expense, Supplier shall engage a third party auditor to conduct an SSAE with respect to the Services, and provide relevant Service Organization Control (“SOC”) audit reports (a SOC 1 Type II). As soon as reasonably practicable following Supplier’s receipt of such reports, Supplier shall provide Company with a copy of such report, provided that Company makes a written request for such report, to the extent related to the provision or receipt of the Services, and Company may share a copy of such report with its agents, regulators, and consultants provided that Company has a fully executed Mutual Non-Disclosure Agreement, at least as restrictive as those between Supplier and Company, with any person or entity that Company shares such report with.
SSAE. “SSAE is defined in Section 18.1.4 herein.
SSAE. Following Transition, each year, at Vendor’s cost and expense, Vendor will cause its external auditors to (i) perform a US SSAE No. 16 audit regarding internal controls that Vendor applies, on a common basis, to the provision of services to its outsourcing clients (the “Internal Controls Audit”), and (ii) produce an audit report in connection therewith (the “Internal Controls Audit Report”). On or about March 1st of each year, Vendor will arrange for the auditor to provide to City a copy of the most current Internal Controls Audit Report. Vendor, at its sole discretion, shall address any audit control issues or weaknesses identified in any Internal Controls Audit Report, at no cost to the Client. If specific audit recommendations are not implemented by Vendor, then Client may implement such alternative steps as it deems reasonably necessary for the purpose of minimizing or eliminating the risks identified in any such Internal Controls Audit Report. Furthermore, when requested by Client, Vendor’s SSAE 16 audit requirements shall include an examination of the controls placed in operation and a test of operating effectiveness, as defined by Statement on Standards for Attestation Engagements (SSAE) ▇▇. ▇▇, ▇▇. ▇, Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy (“SOC 2”) (i.e., the successor standard to SAS 70), of the Services and issue a report thereon (a “Type 2 Report”) for the applicable Fiscal Year. The Type 2 Report should include a period of testing no less than six (6) months, a portion of which shall occur during the first month of the second half of the Client’s Fiscal Year. The Type 2 Report will be issued semi-annually for the periods ending December 31st and June 30th. Vendor shall submit the proposed control objectives to Client for approval prior to conducting the audit. Vendor and all applicable Subcontractors shall deliver to Client a copy of the Type 2 Report within six (6) weeks after conducting the SSAE assessment for a Fiscal Year (but in no event later than December 15th within the Fiscal Year for which the audit was conducted) and Vendor shall prepare and implement a corrective action plan to correct any deficiencies or resolve any problems identified in such report , in each case, which constitute a breach of Vendor’s obligations under this Agreement. Vendor shall address any audit control issues or weaknesses identified in any Type 2 Report, at no cost to...