Authority Audit Sample Clauses

Authority Audit. The Authority shall be entitled to carry out such regular security audits as may be required and in accordance with Good Industry Practice, in order to ensure that the ISMS maintains compliance with the principles and practices of ISO/IEC 27001 and ISO/IEC 27002. If, on the basis of evidence provided by such audits, it is the Authority's reasonable opinion that compliance with the principles and practices of ISO/IEC 27001 and ISO/IEC 27002 is not being achieved by the Supplier, then the Authority shall notify the Supplier in writing of the same and give the Supplier a reasonable period of time (having regard to the extent and criticality of any non-compliance and any other relevant circumstances) to become compliant with the principles and practices of ISO/IEC 27001 and ISO/IEC 27002. If the Supplier does not become compliant within the required time then the Authority has the right to obtain an independent audit against these standards in whole or in part. If, as a result of any such independent audit as described in Paragraph 5.3 above, the Supplier is found to be non-compliant with the principles and practices of ISO/IEC 27001 and ISO/IEC 27002 then the Supplier shall, at its own expense, undertake those actions required in order to achieve the necessary compliance and shall reimburse in full the costs incurred by the Authority in obtaining such audit.
Sample 1Sample 2
AutoNDA by SimpleDocs
Authority Audit. The Authority shall be entitled to carry out such regular security audits as may be required, and in accordance with Good Industry Practice, in order to ensure that the ISMS maintains compliance with the principles and practices of ISO/IEC 27001. If, on the basis of evidence provided by such audits, it is the Authority's reasonable opinion that compliance with the principles and practices of ISO/IEC 27001 is not being achieved by the Service Provider, then the Authority shall notify the Service Provider in writing of the same and give the Service Provider a reasonable period of time (having regard to the extent and criticality of any non-compliance and any other relevant circumstances) to become compliant with the principles and practices of ISO/IEC 27001. If the Service Provider does not become compliant within the required time then the Authority has the right to obtain an independent audit against these standards in whole or in part. If, as a result of any such independent audit as described in Paragraph 5.3 above, the Service Provider is found to be non-compliant with the principles and practices of ISO/IEC 27001 then the Service Provider shall, at its own expense, undertake those actions required in order to achieve the necessary compliance and shall reimburse in full the costs incurred by the Authority in obtaining such audit. Service Provider Audit If required by the Authority, the Service Provider shall carry out regular security audits as may be required in order to maintain delivery of the Services and the ISMS in compliance with: security aspects of ISO/IEC 27002:2005 or equivalent; ISO/IEC 27001 or equivalent; the Security Policy Framework; and the requirements issued by the National Technical Authority for Information Assurance, and shall promptly provide to the Authority any associated security audit reports and shall otherwise notify the Authority in writing of the results of such security audits. The provisions set out in Paragraphs 5.3 and 5.4 above shall apply mutatis mutandis to this Paragraph 5.5.
Sample 1Sample 2
Authority Audit. The Authority shall be entitled to carry out such regular security audits as may be required, and in accordance with Good Industry Practice, in order to ensure that the ISMS maintains compliance with the principles and practices of ISO/IEC 27001. If, on the basis of evidence provided by such audits, it is the Authority's reasonable opinion that compliance with the principles and practices of ISO/IEC 27001 is not being achieved by the Supplier, then the Authority shall notify the Supplier in writing of the same and give the Supplier a reasonable period of time (having regard to the extent and criticality of any non-compliance and any other relevant circumstances) to become compliant with the principles and practices of ISO/IEC 27001. If the Supplier does not become compliant within the required time then the Authority has the right to obtain an independent audit against these standards in whole or in part. If, as a result of any such independent audit as described in Paragraph 5.3 above, the Supplier is found to be non-compliant with the principles and practices of ISO/IEC 27001 then the Supplier shall, at its own expense, undertake those actions required in order to achieve the necessary compliance and shall reimburse in full the costs incurred by the Authority in obtaining such audit.
Sample 1

Related to Authority Audit

  • Other Controller Audit Any other Controller may audit SAP’s control environment and security practices relevant to Personal Data processed by SAP in line with Section 5.1 only if any of the cases set out in Section 5.1 applies to such other Controller. Such audit must be undertaken through and by Customer as set out in Section 5.1 unless the audit must be undertaken by the other Controller itself under Data Protection Law. If several Controllers whose Personal Data is processed by SAP on the basis of the Agreement require an audit, Customer shall use all reasonable means to combine the audits and to avoid multiple audits.

  • Security Audits Each Contract Year, County may perform or have performed security reviews and testing based on an IT infrastructure review plan. Such testing shall ensure all pertinent County security standards as well as any customer agency requirements, such as federal tax requirements or HIPPA.

  • State Auditor In accordance with Government Code Section 8546.7, the Consultant may be subject to audit by the California State Auditor with regard to the Consultant’s performance of this Master Agreement if the compensation of the Maximum Total Compensation exceeds $10,000.

  • STATE AUDIT 12 Pursuant to Government Code Section 8546.7, CITY and COUNTY shall be 13 subject to examination and audit by the State Auditor for a period of three (3) 14 years after final payment by CITY to COUNTY under this Agreement. CITY 15 and COUNTY shall retain all records relating to the performance of this 16 Agreement for said three-year period, except that those records pertaining to 17 any audit then in progress, or to any claim or litigation, shall be retained beyond 18 said three-year period, until final resolution of said audit, claim or litigation.

  • Inspection & Audit Contractor agrees that the relevant books, records (written, electronic, computer related or otherwise), including, without limitation, relevant accounting procedures and practices of Contractor or its subcontractors, financial statements and supporting documentation, and documentation related to the work product shall be subject, at any reasonable time, to inspection, examination, review, audit, and copying at any office or location of Contractor where such records may be found, with or without notice by the City, and with regard to any federal funding, the relevant federal agency, the Comptroller General, the General Accounting Office, the Office of the Inspector General, or any of their authorized representatives. All subcontracts shall reflect the requirements of this paragraph.

  • Annual Audits Each fiscal year, the School shall provide for an independent annual financial audit conducted in accordance with Generally Accepted Auditing Standards and Governmental Auditing Standards and performed by a certified public accountant (CPA); provided the Commission may establish an alternative reporting requirement in accordance with State law. The Commission shall provide the guidelines and/or scope of the audit or alternative report and may require minimum CPA qualifications or that the School select from a list of qualified CPAs as provided by the Commission. The School shall provide the completed audit or alternative report to the Commission by November 15 after the conclusion of the fiscal year; provided that the Commission, with reasonable notice to the School, may change the deadline depending on circumstances. The School shall pay for the audit or alternative report if an appropriation is not made by the Legislature for such purpose.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!