SSAE 16 Sample Clauses

SSAE 16. (1) Each year, Cognizant Group shall engage a third party internationally recognized auditor to conduct a SSAE 16 audit with respect to the Services and provide (a) a SOC-1 Type II report, at its cost and expense, and (b) upon NAIC Groups’ request, a SOC-2 or SOC-3 Type II report, at NAIC Groups’ cost and expense. Cognizant Group shall cooperate with NAIC Group to determine the scope and control objective requirements for the SSAE 16 SOC-1 (and SOC-2 or SOC-3, if applicable) Type II reports. As soon as reasonably practicable following Cognizant Group’s receipt of such reports, but no later than November 15 of each year covering a period commencing October 1 of the previous year through and including September 30 of the then-current year, Cognizant Group shall provide NAIC Group and its external auditors with a copy of such report to the extent related to the provision or receipt of the Services and NAIC Group may share a copy of such report with its customers, customer’s agents and regulators. In January of each year, Cognizant Group shall, at its cost and expense, cause its auditor to provide a bridge letter, with respect to the SOC-1 Type II report for such year, for the period October 1 through December 31. Cognizant shall notify NAIC as soon as possible after any weakness or deficiency is identified in connection with an audit conducted pursuant to Section 12.04(1). (2) Every 180 days, Cognizant Group shall permit, and reasonably cooperate with, NAIC Auditors to conduct an end-to-end SSAE 16 audit of Cognizant Group’s provision of the Services (including, as directed by NAIC Group, for each of Cognizant Group’s subcontractors and at each of the Service Locations). Cognizant Group shall respond to inquiries regarding the SSAE 16 reports from NAIC Group and its external auditors as necessary. (3) With respect to any audit reports issued under this Section, Cognizant Group shall promptly remediate any weakness or deficiency identified in such reports or that could reasonably be expected to result in a qualified report. Such remediation shall be provided at Cognizant Group’s cost and expense; provided, however, that if the remediation is related to an audit report provided pursuant to Section 12.04(2), then such remediation work shall be at Cognizant Group’s cost and expense only to the extent resulting from Cognizant Group’s failure to comply with the terms and conditions of this Agreement, otherwise NAIC Group shall be financially responsible for the cos...

SSAE 16. Unless otherwise expressly stated in the applicable Statement of Work, each year, starting in hCentive’s new fiscal year which follows the first Services to support Optum’s Prime Contract, hCentive shall cause its external auditors to (i) perform a SSAE-16 SOC 1 audit, regarding hCentive’s internal controls over financial reporting, based on hCentive’s system of internal controls and hCentive’s control objectives as of a specific point in time (the “Baseline Internal Controls Audit”), and (ii) produce an SSAE SOC 1 Type I audit report in connection therewith (the “Baseline Internal Controls Audit Report”). On or about April 1st of each year, hCentive shall provide to Optum a copy of the most current Baseline Internal Controls Audit Report. The Baseline Internal Controls Audit shall be performed, and the Baseline Internal Controls Audit Report shall be produced, at no additional cost to Optum. In the event that Optum or Customer requests audit and reporting which are not covered by the Baseline Internal Controls Audit, such additional audit and reporting shall be (i) addressed through the applicable change control procedures and (ii) performed by the same auditors who have performed the Baseline Internal Controls Audit, at Optum’s cost and expense, unless hCentive is subject to another SSAE-16 audit for the same or similar operations that is acceptable to Optum, in which case Optum shall be provided with a copy of that other SSAE-16 audit.

SSAE 16. Bank shall comply with SSAE 16 or a comparable standard system recognized as appropriate for entities similarly situated to Bank*. Bank shall provide Pier 1 with then current, unqualified Type 2 Statements on SSAE 16 or comparable reports recognized as appropriate for entities similarly situated to Bank. Any such report shall be dated as of the most recent date generated, but not more than twelve (12) months prior to the date of production to Pier 1. Provided, however, that if the protocols/criteria related to them do not require annual reporting, Bank shall provide such reports or ones comparable thereto no less than every eighteen (18) months. Bank shall also (upon reasonable prior written request from Pier 1) provide to Pier 1 any reports related thereto generated by or for Bank. Furthermore, Bank shall at all times make itself available to reasonable requests (and upon reasonable notice) by Pier 1 to discuss the status of matters related to this Section 7.7. The obligations of Bank under this Section 7.7 apply regardless of whether Bank utilizes a third-party data host provider. *For instance, as of the Effective Date, SAS 70, from which Bank intends to transition to SSAE 16 by end of calendar year 2012.

SSAE 16. Unless otherwise expressly stated in the applicable Statement of Work, each year, starting in Supplier’s new fiscal year which follows the first Services to support SOV’s production activities, Supplier shall cause its external auditors to (i) perform a SSAE-16 SOC 2 audit, regarding those security, privacy, financial and processing integrity controls performed by Supplier that are relevant to SOV's operations, based on Supplier’s fiscal year and Supplier’s internal controls framework (the “Baseline Internal Controls Audit”), and (ii) produce an audit report in connection therewith (the “Baseline Internal Controls Audit Report”). On or about April 1st of each year, Supplier shall provide to SOV a copy of the most current Baseline Internal Controls Audit Report. The Baseline Internal Controls Audit shall be performed and the Baseline Internal Controls Audit Report shall be produced at no additional cost to SOV. In the event that SOV requests audit and reporting which are not covered by the Baseline Internal Controls Audit, such additional audit and reporting shall be (i) addressed through the Change Control Procedures, and (ii) performed by the same auditors who have performed the Baseline Internal Controls Audit, at SOV’s cost and expense, unless Supplier is subject to another SSAE-16 audit for the same or similar operations that is acceptable to SOV, in which case SOV shall be provided with a copy of that other SSAE-16 audit.

SSAE 16. 16.2.1 Accenture issues reports under the Statement on Standards for Attestation Engagements (SSAE) No. 16 “SSAE 16” and International Standard on Assurance Engagements (ISAE) 3402 “ISAE 3402” standards. During each calendar year during the Term of the Agreement, Accenture will provide, at Accenture’s cost, reports with a joint opinion under both the SSAE 16 and ISAE 3402 standards for locations that are common Accenture delivery centers (i.e., service centers from which services are provided to multiple clients) as identified in the following sentence. Accenture Service Locations that will participate in the program are: India (centers in ▇▇▇▇▇▇▇▇▇, ▇▇▇▇▇▇, ▇▇▇▇▇▇▇, ▇▇▇▇▇▇▇▇▇, ▇▇▇▇, ▇▇▇▇▇▇▇, and Delhi-National Capital Region), Philippines, (Manila and Cebu), Prague, Bratislava, Mauritius, Warsaw, Bucharest, Kronberg, Hof, Warwick, Belo Horizonte (Brazil), Buenos Aires (Argentina), China (centers in Shanghai, Dalian and Chengdu), and the U.S. (Cincinnati, Ohio, King of Prussia, PA, and San Antonio, TX). For each of the foregoing delivery centers, for the Term of the Agreement, Accenture will provide an SOC 1, Type 2 report; for the India and Philippine delivery centers, Accenture will also provide an SOC 2, Type 2 report (or reports that are substantially equivalent to the same provided such equivalent reports have content and provisions that are no more than what is then accepted in the industry). The scope of these reports will be the common controls that support multiple clients served from Accenture delivery centers. The control objectives are based upon guidance from the Information Technology Governance Institute. The reporting period will be from January 1 to October 1 of each calendar year with an estimated delivery date of approximately November 1, but no later than November 15. Client and its external auditor will be provided copies of relevant reports upon issuance. Accenture will provide Client a representation letter (otherwise referred to as a “bridge letter”) in relation to the time period which is not covered by the reports. Client agrees to be a sample client for purposes of testing and consents to Accenture disclosing Client information relevant to these audits to Accenture’s SSAE 16/ISAE 3402 auditors. For the avoidance of doubt, no Client Confidential Information or information that could potentially identify Client as a customer of Accenture will be disclosed in the reports. Accenture will comply with future guidance relating to SSAE 1...

SSAE 16. To the extent Pier 1 complies with the Standards for Attestation Engagements No. 16 (“SSAE 16”), or any other like-kind standard system recognized as appropriate for entities similarly situated to Pier 1, Pier 1 shall provide Bank with then current, unqualified Type 2 Statements on SSAE 16 (or comparable reports, as applicable). Any such report shall be dated as of the most recent date generated, but not more than twelve (12) months prior to the date of production to Bank. Provided, however, that if the protocols/criteria related to them do not require annual reporting, Pier 1 shall provide such reports or ones comparable thereto to Bank no less than every eighteen (18) months. Pier 1 shall also (upon reasonable prior written request from Bank) provide to Bank any reports related thereto generated by or for Pier 1. Furthermore, Pier 1 shall at all times make itself available to reasonable requests (and upon reasonable notice) by Bank to discuss the status of matters related to this Section 5.8. The obligations of Pier 1 under this Section 5.8 apply regardless of whether Pier 1 utilizes a third-party data host provider.