Common use of Right of Review and Audit Clause in Contracts

Right of Review and Audit. Upon request by the EA, Contractor shall provide the EA with copies of its policies and related procedures that pertain to the protection of PII. It may be made available in a form that does not violate Contractor’s own information security policies, confidentiality obligations, and applicable laws. Upon request, Contractor will provide the EA with a recent industry standard independent SOC 2 Type 2 audit report on Contractor’s privacy and security practices.

Right of Review and Audit. Upon request by the EA, Contractor shall provide the EA with copies of its policies and related procedures that pertain to the protection of PII. It may be made available in a form that does not violate Contractor’s own information security policies, confidentiality dentiality obligations, and applicable laws. Upon requestIn addition, Contractor will provide may be required to undergo an audit of its privacy and security safeguards, measures and controls as it pertains to alignment with the EA requirements of New York State laws and regulations, with the NIST Cybersecurity Framework performed by an independent third party at with a recent industry standard independent SOC 2 Type 2 audit report on Contractor’s privacy and security practicess practices as an alternative to undergoing an audit.

Right of Review and Audit. Upon request by the EA, Contractor shall provide the EA with copies a summary of its policies and related procedures that pertain to the protection of PII. It may be made available in a form that does not violate Contractor’s 's own information security policies, confidentiality obligations, and applicable laws. Upon request, Contractor will may provide the EA with a summary of a recent industry standard independent SOC 2 Type 2 audit report on Contractor’s 's privacy and security practicespractices as an alternative to undergoing an audit.

Right of Review and Audit. Upon request by the EA, Contractor shall provide the EA with copies of its policies and related procedures that pertain to the protection of PII. It may be made available in a form that does not violate Contractor’s own information security policies, confidentiality obligations, and applicable laws. Upon requestIn addition, subject to confidentiality obligations, after reasonable notice EA may request and Contractor will may provide the EA with a recent industry standard independent SOC 2 Type 2 audit report on Contractor’s privacy and security practices.