Data Center Audit definition

Data Center Audit. The Contractor shall perform an independent audit of its data centers at least annually and at its own expense, and provide an unredacted version of the audit report upon request. The Contractor may remove its proprietary information from the unredacted version. For example, a Service Organization Control (SOC) 2 audit report would be sufficient.

Split View

AI-Powered Contracts

Draft, Review & Redline at the Speed of AI

Get StartedBook a Demo

Data Center Audit. The contractor shall perform an annual independent audit of its data center(s) where Data, State applications, or other State information is maintained. The contractor shall perform this independent audit at its expense and shall, upon completion, provide an unredacted version of the complete audit report to the State. (The contractor may redact its proprietary information from the unredacted version, however.) A Service Organization Control (SOC) 2 audit report or equivalent approved by the Indiana Office of Technology sets the minimum level of a third-party audit. The State may perform an annual audit of contractor’s data center(s) where Data, State applications, or other State information is maintained. The audit may take place onsite or remotely, at the State’s discretion. The State shall provide to contractor thirty (30) days’ advance notice prior to the audit. The contractor will make reasonable efforts to facilitate the audit and will make available to the State members of its staff during the audit. The State may contract with a third party to conduct the audit at its discretion and at the State’s expense. If the contractor maintains Data, State applications, or other State information at multiple data centers, the State may perform an annual audit of each data center. The parties agree that any documents provided to the State under this paragraph shall be deemed a trade secret of contractor and is deemed administrative or technical information that would jeopardize a record keeping or security system, and shall be exempt from disclosure under the Indiana Access to Public Records Act, IC 5-14-3.

Data Center Audit. The Contractor shall perform an independent audit of its data centers at least annually at its expense, and provide an un-redacted version of the audit report upon request to a State. The Contractor may remove its proprietary information from the un-redacted version. Salesforce's information security control environment applicable to the Salesforce Services undergoes an independent evaluation in the form of SOC 1 (SSAE 16), SOC 2, or SOC 3 reports The most recent SSAE16 SOC 1 Report, SOC 2 Report and SSAE16 SOC 1 Bridge (Gap) Letter are available upon request.

Examples of Data Center Audit in a sentence

• Industry standard compliance includes annual completion of: SSAE18/ISAE Data Center Audit, SSAE18 Operations Audit, PCI-DSS Compliance Audit, Vulnerability Testing & CVSS Audit, and Control Self-Assessment Audit.

• This Security Policy fulfills Snowflake’s obligations to comply with applicable laws related to data privacy and security, under Carahsoft NASPO Agreement Section 31, Data Privacy, Exhibit 1 to the Master Agreement: Software-as-a-Service, Section 9, Access to Security Logs and Reports, Section 10, Contract Audit, Section 11 Data Center Audit, and Section 13, Security.

• Industry standard compliance includes annual completion of: SSAE18/ISAE External Data Center Audit, SSAE18 Operations Audit, PCI-DSS Compliance Audit, Vulnerability Testing & CVSS Audit, and Control Self-Assessment Audit.