External audits Cláusulas de Ejemplo

External audits. OVHcloud implements an external audit program on certified perimeters. We rely on: • general security framework: ISO 27001, AICPA TSP (SOC) • Cloud Provider-specific security framework: ISO 27017, CISPE, CSA CCM • repositories dedicated to specific issues such as privacy: CISPE, ISO 27018, ISO 27701 • industry or geographical specific security framework: PCI DSS, HDS, PSEE, SecNumCloud, AGID, ENS, C5 For each framework, we determine the most appropriate certification or audit organization to strengthen our clients' confidence in our ability to meet the requirements that meet their expectations. OVHcloud allows its customers, under certain conditions, to perform security audits on systems. Such audits may be: • Technical, performed remotely (Intrusion Test, Vulnerability Scan) without OVHcloud teams intervention • Organizational and technical in asynchronous way through questionnaires and written exchanges with OVHcloud • On-site organizational and technical, including installation visits, interviews with operational staff, and access to documentation and configurations. As with internal and external audits, these evaluations provide input to the security continuous improvement.