Common use of Audit Scope Clause in Contracts

Audit Scope. Solely to assess the effective protection of Lender Proprietary Information, Lender may conduct annual remote or on-site audits of Servicer, at Lender’s discretion and expense (except as set forth below), to review the Security Systems at any time during Servicer’s regular business hours upon at least three (3) -29- CERTAIN CONFIDENTIAL MATERIAL APPEARING IN THIS DOCUMENT, MARKED BY [*****] HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 406 PROMULGATED UNDER THE SECURITIES ACT OF 1933, AS AMENDED Business Days’ prior notice to Servicer; however, Servicer may request up to an additional seven (7) Business Days to comply. However, if there is an actual breach of the Security Systems, Lender may conduct additional audits. The audits may be performed by Lender, its agent, or an independent third party bound by nondisclosure provisions substantially similar to those in this Origination Agreement, and may include reasonable testing of the Security Systems, including without limitation, periodic vulnerability scans. The Parties will schedule the testing at a mutually agreeable time and will cooperate in structuring the tests so as to use reasonable, industry-standard precautions to minimize risks to the Security Systems and to avoid harming the rights and interests of Servicer or any third parties. Servicer will provide Lender with reasonable assistance and information necessary for the performance of the testing, including reasonable access to its logs, policies, records, and other materials (solely as related to Lender Proprietary Information), and to Servicer personnel reasonably required for Lender to perform the audit. Lender will reasonably determine the extent and methodology of the testing subject to the approval of Servicer, the approval not to be unreasonably withheld, conditioned or delayed. Servicer agrees to make available to Lender the results of any third party’s or its own testing, monitoring and auditing of the Security Systems solely as relates to Lender Proprietary Information, provided, that Servicer will not be required to make available any results which would breach its confidentiality obligations to any third party.

Audit Scope. Solely with respect to SunTrust Proprietary Information, to assess the effective protection of Lender Proprietary Informationsuch information, Lender may SunTrust will have the right to request or conduct annual remote or on-site audits of ServicerFMC, at LenderSunTrust’s discretion and expense (except as set forth below), to review the information and data security systems and procedures and processes of FMC (collectively, the “Security Systems Systems”) at any time during ServicerFMC’s regular business hours hours, upon at least three no less than ten (3) -29- CERTAIN CONFIDENTIAL MATERIAL APPEARING IN THIS DOCUMENT, MARKED BY [*****] HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 406 PROMULGATED UNDER THE SECURITIES ACT OF 1933, AS AMENDED Business Days’ prior notice to Servicer; however, Servicer may request up to an additional seven (710) Business Days prior written notice to complyFMC. HoweverThe Parties shall mutually agree on the scope, if there is an actual breach scale and type of the Security Systems, Lender may conduct additional auditstesting. The audits may be performed by Lender, its agent, or an independent third party identified and contracted by FMC and subject to reasonable approval of SunTrust bound by nondisclosure non-disclosure provisions substantially similar to those in this Origination Agreement, and may shall include reasonable testing of the Security Systems, including without limitation, periodic vulnerability scans. The Parties will schedule the testing at a mutually agreeable time and will cooperate in structuring the tests so as to use reasonable, industry-standard precautions to prevent or minimize any risks to the FMC’s Security Systems that may be associated with such testing, and the Parties will cooperate in structuring the testing so as to avoid harming the rights and interests of Servicer FMC or any third parties. Servicer will provide Lender with reasonable assistance and information necessary for the performance of the testing, including FMC agrees to promptly grant reasonable access to its logs, policies, records, and other materials (solely as related to Lender Proprietary Information)materials, and to Servicer personnel FMC Personnel reasonably required for Lender SunTrust to perform the audit. Lender SunTrust will reasonably determine the extent and methodology of the testing subject to the approval of ServicerFMC, the such approval not to be unreasonably withheld. Further, conditioned or delayed. Servicer FMC agrees to make available to Lender SunTrust the results of any third party’s or its own testing, monitoring and auditing of the such Security Systems solely as relates to Lender Proprietary Information, Systems; provided, however, that Servicer FMC will not be required to make available any such results which would breach its confidentiality obligations to between FMC and any third partyparty and may instead provide a summary of results describing any identified vulnerability or risk and proposing remedial action. To the extent that any system data or information is obtained by SunTrust in the course of an assessment, such data or information shall be Confidential Business Information of FMC and FMER, and SunTrust shall treat it in accordance with Article 14. In no event shall SunTrust retain any code from FMC’s or FMER’s systems or decompile, disassemble, or reverse engineer any such code, in whole or in part. Neither SunTrust nor its representatives shall introduce any malicious or unauthorized code (virus, Trojans, worms, trap door, etc.) or undisclosed features into FMC’s or FMER’s systems intending to disable, deactivate, interfere with or otherwise harm such systems or data or provide access not authorized by FMC or FMER.

Audit Scope. Solely to assess the effective protection of the Lender Proprietary Information, Lender may conduct annual remote or on-site audits of Servicer, at Lender’s discretion and expense (except as set forth below), to review the Security Systems at any time during Servicer’s regular business hours upon at least three (3) -29- CERTAIN CONFIDENTIAL MATERIAL APPEARING IN THIS DOCUMENT, MARKED BY [*****] HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 406 PROMULGATED UNDER THE SECURITIES ACT OF 1933, AS AMENDED Business Days’ prior notice to Servicer; however, Servicer may request up to an additional seven (7) Business Days to comply. However, if there is an actual breach of the Security Systems, Lender or its agents may conduct additional audits. The audits may be performed by Lender, its agent, or an independent third party bound by nondisclosure provisions substantially similar to those in this Origination Servicing Agreement, and may include reasonable testing of the Security Systems, including without limitation, periodic vulnerability scans. The Parties will schedule the testing at a mutually agreeable time and will cooperate in structuring the tests so as to use reasonable, industry-industry- standard precautions to minimize risks to the Security Systems and to avoid harming the rights and interests of Servicer or any third parties. Servicer will provide Lender with reasonable assistance and information necessary for the performance of the testing, including reasonable access to its logs, policies, records, and other materials (solely as related to Lender Proprietary Information), and to Servicer personnel reasonably required for Lender to perform the audit. Lender will reasonably determine the extent and methodology of the testing subject to the approval of Servicer, the approval not to be unreasonably withheld, conditioned or delayed. Servicer agrees to make available to Lender the results of any third party’s or its own testing, monitoring and auditing of the Security Systems solely both in general and as relates to Lender Proprietary Information, provided, that Servicer will not be required to make available any results which would breach its confidentiality obligations to any third party.. CERTAIN CONFIDENTIAL MATERIAL APPEARING IN THIS DOCUMENT, MARKED BY [*****] HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 406 PROMULGATED UNDER THE SECURITIES ACT OF 1933, AS AMENDED

Audit Scope. Solely to assess the effective protection of Lender Proprietary Information, Lender may conduct annual remote or on-site audits of Servicer, at Lender’s discretion and expense (except as set forth below), to review the Security Systems at any time during Servicer’s regular business hours upon at least three (3) -29- CERTAIN CONFIDENTIAL MATERIAL APPEARING IN THIS DOCUMENT, MARKED BY [*****] HAS BEEN OMITTED AND FILED SEPARATELY WITH THE SECURITIES AND EXCHANGE COMMISSION PURSUANT TO RULE 406 PROMULGATED UNDER THE SECURITIES ACT OF 1933, AS AMENDED Business Days’ prior notice to Servicer; however, Servicer may request up to an additional seven (7) Business Days to comply. However, if there is an actual breach of the Security Systems, Lender may conduct additional audits. The audits may be performed by Lender, its agent, or an independent third party bound by nondisclosure provisions substantially similar to those in this Origination Agreement, and may include reasonable testing of the Security Systems, including without limitation, periodic vulnerability scans. The Parties will schedule the testing at a mutually agreeable time and will cooperate in structuring the tests so as to use reasonable, industry-standard precautions to minimize risks to the Security Systems and to avoid harming the rights and interests of Servicer or any third parties. Servicer will provide Lender with reasonable assistance and information necessary for the performance of the testing, including reasonable access to its logs, policies, records, and other materials (solely as related to Lender Proprietary Information), and to Servicer personnel reasonably required for Lender to perform the audit. Lender will reasonably determine the extent and methodology of the testing subject to the approval of Servicer, the approval not to be unreasonably withheld, conditioned or delayed. Servicer agrees to make available to Lender the results of any third party’s or its own testing, monitoring and auditing of the Security Systems solely as relates to Lender Proprietary Information, provided, that Servicer will not be required to make available any results which would breach its confidentiality obligations to any third party.