Enabling Customer Compliance. a. Effective Access to Data and Business Premises. As set forth in this Amendment and for clarity and to be consistent with applicable regulations, Microsoft will provide Customer, Customer’s internal and external auditors (both of which are defined as “Customer Auditor” herein) and Customer’s Regulator, with effective access to data related to the activities outsourced to Microsoft, as well as reasonable access to Microsoft’s business premises (see Section 2(b)(ii) and Section 2(c)(iii)). Customer will at all times have direct access to Customer Data, including Customer’s virtual machines and applications deployed in the Online Services. This includes the ability for Customer to conduct vulnerability and penetration testing of Customer’s deployments in the Online Services or other similar testing as applicable to a specific Online Service that Customer is using. For avoidance of doubt, Customer must conduct any testing in accordance with Microsoft’s terms and conditions, which may require, among other things, Customer to provide Microsoft with advance notice of any tests and prohibit Customer from targeting any other Microsoft customer.
Appears in 4 contracts
Samples: Financial Services Amendment, Financial Services Amendment, Financial Services Amendment
