Common use of Right to Audit Clause in Contracts

Right to Audit. 6.1. Upon the GLO’s request and to confirm Provider’s compliance with this Attachment, Provider grants the GLO, or a GLO-contracted vendor, permission to perform an assessment, audit, examination, investigation, or review of all controls in the Provider’s, or Provider’s Subcontractor’s, physical and/or technical environment in relation to GLO Data. Provider agrees to fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, and application software that stores, processes, or transports GLO Data. In lieu of a GLO-conducted assessment, audit, examination, investigation, or review, Provider may supply, upon GLO approval, the following reports: SSAE16, ISO/ICE 27001 Certification, FedRAMP Certification, and PCI Compliance Report. Provider shall ensure that this clause concerning the GLO’s authority to assess, audit, examine, investigate, or review is included in any subcontract it awards. 6.2. At the GLO’s request, Provider agrees to promptly and accurately complete a written information security questionnaire provided by the GLO regarding Provider’s business practices and information technology environment in relation to GLO Data.

Right to Audit. 6.1. Upon the GLO’s request and to confirm Provider’s compliance with this Attachment, Provider grants the GLO, or a GLO-contracted vendor, permission to perform an assessment, audit, examination, investigation, or review of all controls in the Provider’s, or Provider’s Subcontractorsubcontractor’s, physical and/or technical environment in relation to GLO Data. Provider agrees to fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, and application software that stores, processes, or transports GLO Data. In lieu of a GLO-conducted assessment, audit, examination, investigation, or review, Provider may supply, upon GLO approval, the following reports: SSAE16, ISO/ICE 27001 Certification, FedRAMP Certification, and PCI Compliance Report. Provider shall ensure that this clause concerning the GLO’s authority to assess, audit, examine, investigate, or review is included in any subcontract it awards. 6.2. At the GLO’s request, Provider agrees to promptly and accurately complete a written information security questionnaire provided by the GLO regarding Provider’s business practices and information technology environment in relation to GLO Data.

Right to Audit. 6.1. Upon the GLO’s request and to confirm ProviderContractor’s compliance with this Attachment, Provider Contractor grants the GLO, or a GLO-contracted vendor, permission to perform an assessment, audit, examination, investigation, or review of all controls in the ProviderContractor’s, or ProviderContractor’s Subcontractor’s, physical and/or technical environment in relation to GLO Data. Provider Contractor agrees to fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, and application software that stores, processes, or transports GLO Data. In lieu of a GLO-conducted assessment, audit, examination, investigation, or review, Provider Contractor may supply, upon GLO approval, the following reports: SSAE16, ISO/ICE 27001 Certification, FedRAMP Certification, and PCI Compliance Report. Provider Contractor shall ensure that this clause concerning the GLO’s authority to assess, audit, examine, investigate, or review is included in any subcontract it awards. 6.2. At the GLO’s request, Provider Contractor agrees to promptly and accurately complete a written information security questionnaire provided by the GLO regarding ProviderContractor’s business practices and information technology environment in relation to GLO Data.

Right to Audit. 6.1. Upon the GLO’s request and to confirm Provider’s compliance with this AttachmentAttachment C, Provider grants the GLO, or a GLO-contracted vendor, permission to perform an assessment, audit, examination, investigation, or review of all controls in the Provider’s, or Provider’s Subcontractorsubcontractor’s, physical and/or technical environment in relation to GLO Data. Provider agrees to fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, and application software that stores, processes, or transports GLO Data. In lieu of a GLO-conducted assessment, audit, examination, investigation, or review, Provider may supply, upon GLO approval, the following reports: SSAE16, ISO/ICE 27001 Certification, FedRAMP Certification, and PCI Compliance Report. Provider shall ensure that this clause concerning the GLO’s authority to assess, audit, examine, investigate, or review is included in any subcontract it awards. 6.2. At the GLO’s request, Provider agrees to promptly and accurately complete a written information security questionnaire provided by the GLO regarding Provider’s business practices and information technology environment in relation to GLO Data.

Right to Audit. 6.1. 6.1 Upon the GLO’s request and to confirm Provider’s compliance with this Attachment, Provider grants the GLO, or a GLO-contracted vendor, permission to perform an assessment, audit, examination, investigation, or review of all controls in the Provider’s, or Provider’s Subcontractorcontractor/subcontractor’s, physical and/or technical environment in relation to GLO Data. Provider agrees to fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, infrastructure and application software that stores, processes, or transports GLO Data. In lieu of a GLO-GLO- conducted assessment, audit, examination, investigation, or review, Provider may supply, upon GLO approval, the following reports: SSAE16SSAE18, ISO/ICE 27001 Certification, FedRAMP Certification, and PCI Compliance Report. Provider shall ensure that this clause concerning the GLO’s authority to assess, audit, examine, investigate, or review is included in any contract/subcontract it that Provider awards. 6.2. 6.2 At the GLO’s request, Provider agrees to promptly and accurately complete a written information security questionnaire provided by the GLO regarding Provider’s business practices and information technology environment in relation to GLO Data.Data and the GLO shall consider such information to be confidential and privileged. REQUIRED INSURANCE

Right to Audit. 6.1. Upon the GLO’s request and to confirm Provider’s compliance with this Attachment, Provider grants the GLO, or a GLO-contracted vendor, permission to perform an assessment, audit, examination, investigation, or review of all controls in the Provider’s, or Provider’s Subcontractorsubcontractor’s, physical and/or technical environment in relation to GLO Data. Provider agrees to fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, and application software that stores, processes, or transports GLO Data. In lieu of a GLO-GLO- conducted assessment, audit, examination, investigation, or review, Provider may supply, upon GLO approval, the following reports: SSAE16, ISO/ICE 27001 Certification, FedRAMP Certification, and PCI Compliance Report. Provider shall ensure that this clause concerning the GLO’s authority to assess, audit, examine, investigate, or review is included in any subcontract it awards. 6.2. At the GLO’s request, Provider agrees to promptly and accurately complete a written information security questionnaire provided by the GLO regarding Provider’s business practices and information technology environment in relation to GLO Data.

Right to Audit. 6.1. 6.1 Upon the GLO’s request and to confirm Provider’s compliance with this Attachment, Provider grants the GLO, or a GLO-contracted vendor, permission to perform an assessment, audit, examination, investigation, or review of all controls in the Provider’s, or Provider’s Subcontractorcontractor/subcontractor’s, physical and/or technical environment in relation to GLO Data. Provider agrees to shall fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, infrastructure and application software that stores, processes, or transports GLO Data. In lieu of a GLO-GLO- conducted assessment, audit, examination, investigation, or review, Provider may supply, upon GLO approval, the following reports: SSAE16SSAE18, ISO/ICE 27001 Certification, FedRAMP Certification, and PCI Compliance Report. Provider shall ensure that this clause concerning the GLO’s authority to assess, audit, examine, investigate, or review is included in any contract/subcontract it that Provider awards. 6.2. 6.2 At the GLO’s request, Provider agrees to shall promptly and accurately complete a written information security questionnaire provided by the GLO regarding Provider’s business practices and information technology environment in relation to GLO DataData and the GLO shall consider such information to be confidential to the extent allowed by law.

Right to Audit. 6.1. Upon the GLO’s request and to confirm Provider’s compliance with this Attachment, Provider grants the GLO, or a GLO-contracted vendor, permission to perform an assessment, audit, examination, investigation, or review of all controls in the Provider’s, or Provider’s Subcontractor’s, physical and/or technical environment in relation to GLO Data. Provider agrees to fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, and application software that stores, processes, or transports GLO Data. In lieu of a GLO-conducted assessment, audit, examination, investigation, or review, Provider may supply, upon GLO approval, the following reports: SSAE16, ISO/ICE 27001 Certification, FedRAMP Certification, and PCI Compliance Report. Provider shall ensure that this clause concerning the GLO’s authority to assess, audit, examine, investigate, or review is included in any subcontract it awards. 6.2. At the GLO’s request, Provider agrees to promptly and accurately complete a written information security questionnaire provided by the GLO regarding Provider’s business practices and information technology environment in relation to GLO Data.

Right to Audit. 6.1. 6.1 Upon the GLO’s request and to confirm Provider’s compliance with this Attachment, Provider grants the GLO, or a GLO-contracted vendor, permission to perform an assessment, audit, examination, investigation, or review of all controls in the Provider’s, or Provider’s Subcontractorcontractor/subcontractor’s, physical and/or technical environment in relation to GLO Data. Provider agrees to fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, infrastructure and application software that stores, processes, or transports GLO Data. In lieu of a GLO-conducted assessment, audit, examination, investigation, or review, Provider may supply, upon GLO approval, the following reports: SSAE16SSAE18, ISO/ICE 27001 Certification, FedRAMP Certification, and PCI Compliance Report. Provider shall ensure that this clause concerning the GLO’s authority to assess, audit, examine, investigate, or review is included in any contract/subcontract it that Provider awards. 6.2. 6.2 At the GLO’s request, Provider agrees to promptly and accurately complete a written information security questionnaire provided by the GLO regarding Provider’s business practices and information technology environment in relation to GLO DataData and the GLO shall consider such information to be confidential and privileged.

Right to Audit. 6.1. Upon the GLO’s request and to confirm Provider’s compliance with this AttachmentGLO Information Security Appendix, Provider grants the GLO, or a GLO-contracted vendor, permission to perform an assessment, audit, examination, investigation, or review of all controls in the Provider’s, or Provider’s Subcontractorsubcontractor’s, physical and/or technical environment in relation to GLO Data. Provider agrees to fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, infrastructure and application software that stores, processes, or transports GLO Data. In lieu of a GLO-conducted assessment, audit, examination, investigation, or review, Provider may supply, upon GLO approval, the following reports: SSAE16SSAE18, ISO/ICE 27001 Certification, FedRAMP Certification, and PCI Compliance Report. Provider shall ensure that this clause concerning the GLO’s authority to assess, audit, examine, investigate, or review review, is included in any subcontract it awards. 6.2. At the GLO’s request, Provider agrees to promptly and accurately complete a written information security questionnaire provided by the GLO regarding Provider’s business practices and information technology environment in relation to GLO Data.

Right to Audit. 6.1. Upon the GLO’s request and to confirm Provider’s compliance with this Attachment, Provider grants the GLO, or a GLO-contracted vendor, permission to perform an assessment, audit, examination, investigation, or review of all controls in the Provider’s, or Provider’s Subcontractorsubcontractor’s, physical and/or technical environment in relation to GLO Data. Provider agrees to fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, infrastructure and application software that stores, processes, or transports GLO Data. In lieu of a GLO-GLO- conducted assessment, audit, examination, investigation, or review, Provider may supply, upon GLO approval, the following reports: SSAE16SSAE18, ISO/ICE 27001 Certification, FedRAMP Certification, and PCI Compliance Report. Provider shall ensure that this clause concerning the GLO’s authority to assess, audit, examine, investigate, or review review, is included in any subcontract it awards. 6.2. At the GLO’s request, Provider agrees to promptly and accurately complete a written information security questionnaire provided by the GLO regarding Provider’s business practices and information technology environment in relation to GLO Data.

Right to Audit. 6.1. 6.1 Upon the GLO’s request and to confirm ProviderContractor’s compliance with this Attachment, Provider Contractor grants the GLO, or a GLO-contracted vendor, permission to perform an assessment, audit, examination, investigation, or review of all controls in the ProviderContractor’s, or ProviderContractor’s Subcontractorcontractor/subcontractor’s, physical and/or technical environment in relation to GLO Data. Provider agrees to Contractor shall fully cooperate with such assessment by providing access to knowledgeable personnel, physical premises, documentation, infrastructure, infrastructure and application software that stores, processes, or transports GLO Data. In lieu of a GLO-conducted assessment, audit, examination, investigation, or review, Provider Contractor may supply, upon GLO approval, the following reports: SSAE16SSAE18, ISO/ICE 27001 Certification, FedRAMP Certification, and PCI Compliance Report. Provider Contractor shall ensure that this clause concerning the GLO’s authority to assess, audit, examine, investigate, or review is included in any contract/subcontract it that Contractor awards. 6.2. 6.2 At the GLO’s request, Provider agrees to Contractor shall promptly and accurately complete a written information security questionnaire provided by the GLO regarding ProviderContractor’s business practices and information technology environment in relation to GLO DataData and the GLO shall consider such information to be confidential to the extent allowed by law.