Common use of Certifications and Audits Clause in Contracts

Certifications and Audits. (a) Anaplan shall make available to Client such information as is reasonably necessary to demonstrate Anaplan’s compliance with the obligations of this DPA and the obligations under applicable Data Protection Laws; (b) For the Anaplan Service, during the term of the Agreement, Anaplan will engage independent third-party auditors to perform regular audits (at least annually) and provide an Audit Report (SOC 1 Type 2 and/or SOC 2 Type 2 report) and/or ISO certificate/attestation; (c) Upon Client’s written request but no more than twice annually, and subject to the confidentiality obligations set forth in the Agreement, Anaplan shall provide a copy of Anaplan’s then most recent Audit Report or ISO certificate/attestation, or any summaries thereof, that Anaplan generally makes available to its clients at the time of such request. (d) To the extent that ▇▇▇▇▇▇▇’s provision of an Audit Report does not provide sufficient information or Client is required to respond to regulatory authority audits, Client agrees to a mutually agreed-upon audit plan with Anaplan that (i) defines the mutually agreed-upon scope, timing and duration of the audit; (ii) ensures the use of an independent third party; (iii) provides notice to Anaplan in a timely fashion; (iv) requests access only during business hours; (v) accepts billing to Client at Anaplan’s then current rate; (vi) occurs no more than once annually; (vii) restricts its findings to only data relevant to Client; and (viii) obligates Client, to the extent permitted by law or regulations, to keep confidential any information gathered that, by its nature, should be confidential. (e) Client acknowledges and agrees that any exercise of its audit rights under Clause 8.9 of the Standard Contractual Clauses will be conducted on accordance with this DPA.

Certifications and Audits. (a) Anaplan shall make available to Client such information as is reasonably necessary to demonstrate Anaplan’s compliance with the obligations of this DPA and the obligations under applicable Data Protection Laws; (b) For the Anaplan Service, during the term of the Agreement, Anaplan will engage independent third-party auditors to perform regular audits (at least annually) and provide an Audit Report (SOC 1 Type 2 and/or SOC 2 Type 2 report) and/or ISO certificate/attestation; (c) Upon Client’s written request but no more than twice annually, and subject to the confidentiality obligations set forth in the Agreement, Anaplan shall provide a copy of Anaplan’s then most recent Audit Report or ISO certificate/attestation, or any summaries thereof, that Anaplan generally makes available to its clients at the time of such request. (d) To the extent that ▇▇▇▇▇▇▇Anaplan’s provision of an Audit Report does not provide sufficient information or Client is required to respond to regulatory authority audits, Client agrees to a mutually agreed-upon audit plan with Anaplan that (i) defines the mutually agreed-upon scope, timing and duration of the audit; (ii) ensures the use of an independent third party; (iii) provides notice to Anaplan in a timely fashion; (iv) requests access only during business hours; (v) accepts billing to Client at Anaplan’s then current rate; (vi) occurs no more than once annually; (vii) restricts its findings to only data relevant to Client; and (viii) obligates Client, to the extent permitted by law or regulations, to keep confidential any information gathered that, by its nature, nature should be confidential. (e) Client acknowledges and agrees that any exercise of its audit rights under Clause 8.9 of the Standard Contractual Clauses will be conducted on accordance with this DPA.

Certifications and Audits. (a) Anaplan shall make available to the Client such information as is reasonably necessary to demonstrate Anaplan’s compliance with the obligations of this DPA and the obligations under applicable Data Protection Laws; (b) For the Anaplan Service, during the term of the Agreement, Anaplan will engage independent third-party auditors to perform regular audits (at least annually) and provide an Audit Report (SOC 1 Type 2 and/or SOC 2 Type 2 report) and/or ISO certificate/attestation; (c) Upon Client’s written request but no more than twice annually, and subject to the confidentiality obligations set forth in the Agreement, Anaplan shall provide a copy of Anaplan’s then most recent Audit Report or ISO certificate/attestation, or any summaries thereof, that Anaplan generally makes available to its clients Clients at the time of such request. (d) To the extent that ▇▇▇▇▇▇▇Anaplan’s provision of an Audit Report does not provide sufficient information or Client is required to respond to regulatory authority audits, Client agrees to a mutually agreed-upon audit plan with Anaplan that (i) defines the mutually agreed-upon scope, timing and duration of the audit; (ii) ensures the use of an independent third party; (iii) provides notice to Anaplan in a timely fashion; (iv) requests access only during business hours; (v) accepts billing to Client at Anaplan’s then current rate; (vi) occurs no more than once annually; (vii) restricts its findings to only data relevant to Client; and (viii) obligates Client, to the extent permitted by law or regulations, to keep confidential any information gathered that, by its nature, nature should be confidential. (e) Client acknowledges and agrees that any exercise of its audit rights under Clause 8.9 of the Standard Contractual Clauses will be conducted on accordance with this DPA.