{"component": "clause", "props": {"groups": [{"size": 4, "snippet": "Contractor must periodically conduct audits, assessments, testing of its system of controls, and testing of information security and privacy procedures, including penetration testing, intrusion detection, and firewall configuration reviews. These periodic audits must be conducted by staff certified to perform the specific audit in question at Contractor\u2019s sole cost and expense through either: (i) an internal independent audit function, (ii) a nationally recognized, external, independent auditor, or", "snippet_links": [{"key": "contractor-must", "type": "clause", "offset": [0, 15]}, {"key": "privacy-procedures", "type": "clause", "offset": [133, 151]}, {"key": "penetration-testing", "type": "clause", "offset": [163, 182]}, {"key": "intrusion-detection", "type": "clause", "offset": [184, 203]}, {"key": "periodic-audits", "type": "clause", "offset": [247, 262]}, {"key": "cost-and-expense", "type": "clause", "offset": [363, 379]}, {"key": "an-internal", "type": "clause", "offset": [400, 411]}, {"key": "audit-function", "type": "clause", "offset": [424, 438]}, {"key": "nationally-recognized", "type": "definition", "offset": [447, 468]}, {"key": "independent-auditor", "type": "clause", "offset": [480, 499]}], "samples": [{"hash": "Cxe3f5z45J", "uri": "/contracts/Cxe3f5z45J#self-audits", "label": "Inmate Commissary and Vending Services Contract", "score": 35.3410687524, "published": true}, {"hash": "aBexA2w5wpk", "uri": "/contracts/aBexA2w5wpk#self-audits", "label": "Inmate Commissary and Vending Services Contract", "score": 34.7277155206, "published": true}], "hash": "80ca6e8a513fea0348c13bdf061b6100", "id": 1}, {"size": 1, "snippet": "At least once per year, Wasabi will conduct audits of its Personal Data Processing practices and the information technology and information security controls for all facilities and systems used in complying with its obligations under this DPA.", "snippet_links": [{"key": "per-year", "type": "definition", "offset": [14, 22]}, {"key": "processing-practices", "type": "definition", "offset": [72, 92]}, {"key": "information-security-controls", "type": "clause", "offset": [128, 157]}, {"key": "facilities-and-systems", "type": "clause", "offset": [166, 188]}, {"key": "complying-with", "type": "clause", "offset": [197, 211]}], "samples": [{"hash": "1AlhKvWJVNT", "uri": "/contracts/1AlhKvWJVNT#self-audits", "label": "Data Processing Agreement", "score": 32.9102863412, "published": true}], "hash": "336c78b925415dbab04627a26e31cfb6", "id": 5}, {"size": 2, "snippet": "If the contract contains SDRL SS-EC-002, follow the instructions in SDRL SS-EC-002 instead of this paragraph. If the contract does not contain SDRL SS-EC-002 and the Seller is exporting, the Seller and the Seller\u2019s subcontractors/suppliers shall perform self annual audits of their export control processes and provide written audit results to Boeing Data Management marked NAS15-10000 {the number of this contract} SDRL SS-EC-002. Audits should include a thorough examination of all export control processes associated with this contract, areas for improvement (if any), and corrective action plans for identified areas of improvement. Affected Sellers are required to do their own self-audits and report the results of the audit to Boeing Data Management marked NAS15-10000 {the number of this contract} SDRL SS-EC-002. Prior to audit completion, inclusion of informal statuses to the Boeing Export Control Office is optional and might prove useful in the success of this effort. The content should be as follows:\n(1) Define your current audit processes.\n(2) Document the export control processes audited and audit findings.\n(3) Based on audit findings, include corrective action plans for any processes identified for improvements and notification of when the correction of any non-conformances has been completed. The document shall be in Microsoft Word or Microsoft Excel. The document shall be submitted and maintained electronically. The submission date shall be July 31 of each year.", "snippet_links": [{"key": "the-contract", "type": "definition", "offset": [3, 15]}, {"key": "the-seller-is", "type": "clause", "offset": [162, 175]}, {"key": "the-seller-and-the", "type": "clause", "offset": [187, 205]}, {"key": "annual-audits", "type": "clause", "offset": [259, 272]}, {"key": "export-control", "type": "clause", "offset": [282, 296]}, {"key": "audit-results", "type": "clause", "offset": [327, 340]}, {"key": "to-boeing", "type": "definition", "offset": [341, 350]}, {"key": "data-management", "type": "definition", "offset": [351, 366]}, {"key": "number-of", "type": "clause", "offset": [391, 400]}, {"key": "this-contract", "type": "clause", "offset": [401, 414]}, {"key": "thorough-examination", "type": "definition", "offset": [456, 476]}, {"key": "associated-with", "type": "definition", "offset": [509, 524]}, {"key": "areas-for-improvement", "type": "clause", "offset": [540, 561]}, {"key": "corrective-action-plans", "type": "clause", "offset": [576, 599]}, {"key": "results-of-the-audit", "type": "clause", "offset": [710, 730]}, {"key": "prior-to", "type": "definition", "offset": [822, 830]}, {"key": "audit-completion", "type": "clause", "offset": [831, 847]}, {"key": "inclusion-of", "type": "clause", "offset": [849, 861]}, {"key": "control-office", "type": "definition", "offset": [901, 915]}, {"key": "the-content", "type": "clause", "offset": [982, 993]}, {"key": "the-export", "type": "clause", "offset": [1070, 1080]}, {"key": "audit-findings", "type": "clause", "offset": [1111, 1125]}, {"key": "based-on", "type": "clause", "offset": [1131, 1139]}, {"key": "notification-of", "type": "definition", "offset": [1238, 1253]}, {"key": "correction-of", "type": "clause", "offset": [1263, 1276]}, {"key": "any-non", "type": "clause", "offset": [1277, 1284]}, {"key": "microsoft-word", "type": "definition", "offset": [1343, 1357]}, {"key": "microsoft-excel", "type": "definition", "offset": [1361, 1376]}, {"key": "submission-date", "type": "definition", "offset": [1445, 1460]}, {"key": "each-year", "type": "definition", "offset": [1481, 1490]}], "samples": [{"hash": "giiqHeF0jLA", "uri": "/contracts/giiqHeF0jLA#self-audits", "label": "Customer Contract Requirements", "score": 21.0, "published": true}, {"hash": "4zdvoHiLHtE", "uri": "/contracts/4zdvoHiLHtE#self-audits", "label": "Customer Contract Requirements", "score": 21.0, "published": true}], "hash": "ac39b5b771f134fc0233d53127e2c26f", "id": 3}, {"size": 3, "snippet": "Contractor must periodically conduct audits, assessments, testing of the system of controls, and testing of Information Security and privacy procedures, including penetration testing, intrusion detection, and firewall configuration reviews. These periodic audits will be conducted by staff certified to perform the specific audit in question at Contractor\u2019s sole cost and expense through either (i) an internal independent audit function, (ii) a nationally recognized, external, independent auditor, or (iii) another independent auditor approved by the County. Contractor must have a process for correcting control deficiencies that have been identified in the periodic audit, including follow up documentation providing evidence of such corrections. Contractor must provide the audit results and any corrective action documentation to the County promptly upon its completion at the County\u2019s request. With respect to any other report, certification, or audit or test results prepared or received by Contractor that contains any County Information, Contractor must promptly provide the County with copies of the same upon the County\u2019s reasonable request, including identification of any failure or exception in Contractor\u2019s Information systems, products, and services, and the corresponding steps taken by Contractor to mitigate such failure or exception. Any reports and related materials provided to the County pursuant to this Section must be provided at no additional charge to the County.", "snippet_links": [{"key": "the-system", "type": "definition", "offset": [69, 79]}, {"key": "privacy-procedures", "type": "clause", "offset": [133, 151]}, {"key": "penetration-testing", "type": "clause", "offset": [163, 182]}, {"key": "intrusion-detection", "type": "clause", "offset": [184, 203]}, {"key": "periodic-audits", "type": "clause", "offset": [247, 262]}, {"key": "cost-and-expense", "type": "clause", "offset": [363, 379]}, {"key": "an-internal", "type": "clause", "offset": [399, 410]}, {"key": "audit-function", "type": "clause", "offset": [423, 437]}, {"key": "nationally-recognized", "type": "definition", "offset": [446, 467]}, {"key": "independent-auditor", "type": "clause", "offset": [479, 498]}, {"key": "by-the-county", "type": "clause", "offset": [546, 559]}, {"key": "evidence-of", "type": "definition", "offset": [721, 732]}, {"key": "audit-results", "type": "clause", "offset": [779, 792]}, {"key": "corrective-action", "type": "definition", "offset": [801, 818]}, {"key": "to-the-county", "type": "definition", "offset": [833, 846]}, {"key": "promptly-upon", "type": "clause", "offset": [847, 860]}, {"key": "with-respect-to", "type": "clause", "offset": [901, 916]}, {"key": "other-report", "type": "clause", "offset": [921, 933]}, {"key": "test-results", "type": "definition", "offset": [962, 974]}, {"key": "received-by-contractor", "type": "clause", "offset": [987, 1009]}, {"key": "county-information", "type": "clause", "offset": [1028, 1046]}, {"key": "promptly-provide", "type": "clause", "offset": [1064, 1080]}, {"key": "copies-of-the", "type": "clause", "offset": [1097, 1110]}, {"key": "reasonable-request", "type": "definition", "offset": [1134, 1152]}, {"key": "information-systems", "type": "definition", "offset": [1223, 1242]}, {"key": "steps-taken", "type": "clause", "offset": [1290, 1301]}, {"key": "to-mitigate", "type": "definition", "offset": [1316, 1327]}, {"key": "any-reports", "type": "clause", "offset": [1355, 1366]}, {"key": "materials-provided", "type": "clause", "offset": [1379, 1397]}, {"key": "pursuant-to", "type": "definition", "offset": [1412, 1423]}, {"key": "additional-charge", "type": "clause", "offset": [1460, 1477]}], "samples": [{"hash": "6HMPXUrSQni", "uri": "/contracts/6HMPXUrSQni#self-audits", "label": "Service Level Agreement", "score": 34.2290761107, "published": true}, {"hash": "kYUvJh79d1m", "uri": "/contracts/kYUvJh79d1m#self-audits", "label": "Service Level Agreement", "score": 34.2141372835, "published": true}], "hash": "570012761f3147f831763de76acf67ea", "id": 2}, {"size": 1, "snippet": "The FWO and JB Group acknowledge and agree that JB Group will conduct a broad audit of its stores in accordance with the scope and methodology set out in Attachment B (Broad Audit).", "snippet_links": [{"key": "acknowledge-and-agree", "type": "clause", "offset": [21, 42]}, {"key": "in-accordance-with", "type": "definition", "offset": [98, 116]}, {"key": "scope-and-methodology", "type": "clause", "offset": [121, 142]}, {"key": "set-out", "type": "definition", "offset": [143, 150]}, {"key": "attachment-b", "type": "definition", "offset": [154, 166]}], "samples": [{"hash": "fvbbd6adx02", "uri": "/contracts/fvbbd6adx02#self-audits", "label": "Proactive Compliance Deed", "score": 21.6310746064, "published": true}], "hash": "95b9add8ca75376f65f06492962e5a31", "id": 4}, {"size": 1, "snippet": "To help manage Your use of the Products and Your compliance with this Agreement, You agree to perform a self-audit upon 10 working days prior written notice from Us, on the self audit form made available by Us. If Your-self audit form reveals a discrepancy that You have previously or are currently using more of Our products than you have valid licenses for, You must submit a order to Us at the same time as returning the self-audit form to Us. In the event that you are late in submitting a self-audit form We may delay accepting orders and/or suspend Maintenance Services until We receive the self-audit form and We may instigate the Formal Audit process defined below.", "snippet_links": [{"key": "use-of-the-products", "type": "clause", "offset": [20, 39]}, {"key": "your-compliance-with-this-agreement", "type": "clause", "offset": [44, 79]}, {"key": "you-agree-to", "type": "clause", "offset": [81, 93]}, {"key": "prior-written-notice", "type": "definition", "offset": [136, 156]}, {"key": "available-by", "type": "definition", "offset": [194, 206]}, {"key": "our-products", "type": "clause", "offset": [313, 325]}, {"key": "valid-licenses", "type": "clause", "offset": [340, 354]}, {"key": "in-the-event", "type": "clause", "offset": [447, 459]}, {"key": "accepting-orders", "type": "clause", "offset": [523, 539]}, {"key": "maintenance-services", "type": "definition", "offset": [555, 575]}, {"key": "audit-process", "type": "clause", "offset": [645, 658]}], "samples": [{"hash": "hV7Q9QO4nyd", "uri": "/contracts/hV7Q9QO4nyd#self-audits", "label": "Software License and Maintenance Agreement", "score": 26.3415468857, "published": true}], "hash": "9504e35ef62d1befc19fe4294116c5e0", "id": 6}, {"size": 1, "snippet": "Contractor agrees to conduct annual internal and independent audits to include but not be limited to the review of Contractor\u2019s 1) data protection, 2) access and appropriate use, 3) security measures, 4) data recipients and Subscriber review. These audits shall be conducted at no cost to DOL and are solely at the Contractor\u2019s expense. The Contractor must provide DOL with copies of each annual internal and independent audit and the results of each annual internal and independent audit within thirty (30) days of audit completion and upon request. Contractor agrees to require or to conduct annual internal and independent audits of all Subscribers audits are to include but not be limited to the review of Subscriber\u2019s\n1) data protection, 2) access and appropriate use, 3) security measures, 4) data recipients. These audits shall be conducted at no cost to DOL and are solely at the Contractor\u2019s or Subscriber\u2019s expense. The Contractor must provide DOL with copies of each audit and the results within thirty (30) days of audit completion and upon request. Contractor must terminate Subscribers when audit fails. Contractor must keep for a period of five (5) years records identifying each individual or entity that receives information and the permitted purpose for which the information will be used and must make such records available to the DOL upon request. (As required by the DPPA) All annual internal and independent audits are to be conducted no later than one (1) year from the date of execution of this Agreement and annually thereafter or as mutually agreed on in writing, until Agreement is expired or is terminated.", "snippet_links": [{"key": "contractor-agrees-to", "type": "clause", "offset": [0, 20]}, {"key": "independent-audits", "type": "clause", "offset": [49, 67]}, {"key": "of-contractor", "type": "clause", "offset": [112, 125]}, {"key": "data-protection", "type": "definition", "offset": [131, 146]}, {"key": "appropriate-use", "type": "definition", "offset": [162, 177]}, {"key": "security-measures", "type": "definition", "offset": [182, 199]}, {"key": "data-recipients", "type": "definition", "offset": [204, 219]}, {"key": "at-no-cost", "type": "definition", "offset": [275, 285]}, {"key": "the-contractor-must-provide", "type": "clause", "offset": [337, 364]}, {"key": "copies-of", "type": "definition", "offset": [374, 383]}, {"key": "within-thirty", "type": "clause", "offset": [489, 502]}, {"key": "audit-completion", "type": "clause", "offset": [516, 532]}, {"key": "upon-request", "type": "definition", "offset": [537, 549]}, {"key": "all-subscribers", "type": "clause", "offset": [636, 651]}, {"key": "of-subscriber", "type": "clause", "offset": [707, 720]}, {"key": "period-of", "type": "definition", "offset": [1145, 1154]}, {"key": "permitted-purpose", "type": "definition", "offset": [1250, 1267]}, {"key": "the-information", "type": "clause", "offset": [1278, 1293]}, {"key": "available-to", "type": "definition", "offset": [1334, 1346]}, {"key": "as-required-by", "type": "clause", "offset": [1370, 1384]}, {"key": "execution-of-this-agreement", "type": "clause", "offset": [1502, 1529]}, {"key": "mutually-agreed", "type": "clause", "offset": [1560, 1575]}, {"key": "in-writing", "type": "clause", "offset": [1579, 1589]}], "samples": [{"hash": "22Mq16EndzZ", "uri": "/contracts/22Mq16EndzZ#self-audits", "label": "Interagency Disclosure Agreement", "score": 20.054072553, "published": true}], "hash": "6a4a3f7f5b3f4088f1f6e1676ae1b8f3", "id": 7}, {"size": 1, "snippet": "To help manage Licensee\u2019s use of the Products and Licensee\u2019s compliance with this Agreement, Licensee agrees to perform a self-audit upon 10 working days prior written notice from Licensor, on the self-audit form, which shall be made available by Licensor. If Licensee\u2019s self-audit form reveals that Licensee has previously or is currently using more products than it has valid licenses for, Licensee must submit a purchase order to Licensor at the same time as returning the self-audit form to Licensor for the additional or underpaid licence or Support Services fees based on Licensor\u2019s then current price list. In the event that Licensee is late in submitting a self-audit form Licensor may delay accepting an Order and/or may suspend Support Services until Licensor receives the self-audit form and Licensor may instigate the Formal Audit process defined below.", "snippet_links": [{"key": "use-of-the-products", "type": "clause", "offset": [26, 45]}, {"key": "compliance-with-this-agreement", "type": "clause", "offset": [61, 91]}, {"key": "licensee-agrees-to", "type": "clause", "offset": [93, 111]}, {"key": "prior-written-notice", "type": "definition", "offset": [154, 174]}, {"key": "by-licensor", "type": "clause", "offset": [244, 255]}, {"key": "valid-licenses", "type": "clause", "offset": [372, 386]}, {"key": "a-purchase-order", "type": "definition", "offset": [413, 429]}, {"key": "to-licensor", "type": "clause", "offset": [430, 441]}, {"key": "support-services-fees", "type": "clause", "offset": [547, 568]}, {"key": "based-on", "type": "clause", "offset": [569, 577]}, {"key": "current-price-list", "type": "definition", "offset": [594, 612]}, {"key": "in-the-event", "type": "clause", "offset": [614, 626]}, {"key": "an-order", "type": "clause", "offset": [710, 718]}, {"key": "audit-process", "type": "clause", "offset": [837, 850]}], "samples": [{"hash": "kkqjqTNwrVP", "uri": "/contracts/kkqjqTNwrVP#self-audits", "label": "Software License and Maintenance Agreement", "score": 24.1800136893, "published": true}], "hash": "7b0a23c102ac31089d01ed156a76131c", "id": 8}, {"size": 1, "snippet": "If exporting, the Seller and the Seller\u2019s subcontractors/suppliers shall perform self annual audits of their export control processes and provide written audit results to Boeing Data Management marked NAS15-10000 {the number of this contract} SDRL SS-EC-002. Audits should include a thorough examination of all export control processes associated with this contract, areas for improvement (if any), and corrective action plans for identified areas of improvement. Affected Sellers are required to do their own self-audits and report the results of the audit to Boeing Data\n(1) Define your current audit processes.\n(2) Document the export control processes audited and audit findings.\n(3) Based on audit findings, include corrective action plans for any processes identified for improvements and notification of when the correction of any non-conformances has been completed. The document shall be in Microsoft Word or Microsoft Excel. The document shall be submitted and maintained electronically. The submission date shall be July 31 of each year.", "snippet_links": [{"key": "the-seller-and-the", "type": "clause", "offset": [14, 32]}, {"key": "annual-audits", "type": "clause", "offset": [86, 99]}, {"key": "export-control", "type": "clause", "offset": [109, 123]}, {"key": "audit-results", "type": "clause", "offset": [154, 167]}, {"key": "to-boeing", "type": "definition", "offset": [168, 177]}, {"key": "data-management", "type": "definition", "offset": [178, 193]}, {"key": "number-of", "type": "clause", "offset": [218, 227]}, {"key": "this-contract", "type": "clause", "offset": [228, 241]}, {"key": "thorough-examination", "type": "definition", "offset": [283, 303]}, {"key": "associated-with", "type": "definition", "offset": [336, 351]}, {"key": "areas-for-improvement", "type": "clause", "offset": [367, 388]}, {"key": "corrective-action-plans", "type": "clause", "offset": [403, 426]}, {"key": "results-of-the-audit", "type": "clause", "offset": [537, 557]}, {"key": "the-export", "type": "clause", "offset": [627, 637]}, {"key": "audit-findings", "type": "clause", "offset": [668, 682]}, {"key": "based-on", "type": "clause", "offset": [688, 696]}, {"key": "notification-of", "type": "definition", "offset": [795, 810]}, {"key": "correction-of", "type": "clause", "offset": [820, 833]}, {"key": "any-non", "type": "clause", "offset": [834, 841]}, {"key": "microsoft-word", "type": "definition", "offset": [900, 914]}, {"key": "microsoft-excel", "type": "definition", "offset": [918, 933]}, {"key": "submission-date", "type": "definition", "offset": [1002, 1017]}, {"key": "each-year", "type": "definition", "offset": [1038, 1047]}], "samples": [{"hash": "3L7rVfH4dNH", "uri": "/contracts/3L7rVfH4dNH#self-audits", "label": "Customer Contract Requirements", "score": 21.0, "published": true}], "hash": "a40bb6813de5028a18e94f8b7dce6655", "id": 9}, {"size": 1, "snippet": "Internal and independent audits to review Contractor's data protection", "snippet_links": [{"key": "independent-audits", "type": "clause", "offset": [13, 31]}, {"key": "data-protection", "type": "definition", "offset": [55, 70]}], "samples": [{"hash": "lIe0XZVHjuE", "uri": "/contracts/lIe0XZVHjuE#self-audits", "label": "Contract No. K4493", "score": 33.7314966153, "published": true}], "hash": "a0ab15364056e1b5b1224a0222a86c47", "id": 10}], "next_curs": "ClQSTmoVc35sYXdpbnNpZGVyY29udHJhY3RzcjALEhZDbGF1c2VTbmlwcGV0R3JvdXBfdjU2IhRzZWxmLWF1ZGl0cyMwMDAwMDAwYQyiAQJlbhgAIAA=", "clause": {"size": 20, "children": [], "parents": [["audit-and-inspection", "Audit and Inspection"], ["public-records-act", "Public Records Act"], ["additional-export-control-requirements", "ADDITIONAL EXPORT CONTROL REQUIREMENTS"], ["miscellaneous-provisions", "Miscellaneous Provisions"], ["amendment", "Amendment"]], "title": "Self-Audits", "id": "self-audits", "related": [["audits", "Audits", "Audits"], ["field-audits", "Field Audits", "Field Audits"], ["city-audits", "City Audits", "City Audits"], ["tax-audits", "Tax Audits", "Tax Audits"], ["contract-audits", "Contract Audits", "Contract Audits"]], "related_snippets": [], "updated": "2025-07-07T12:37:48+00:00"}, "json": true, "cursor": ""}}