Information Security Audit Clause Samples
POPULAR SAMPLE Copied 1 times
Information Security Audit. Lexicon will permit Novo Nordisk to audit, upon reasonable notice and no more frequently than [**], under customary confidentiality obligations, Lexicon’s compliance with the information technology requirements set forth in this Section 4.8 (Information Security), which audit may be conducted by Novo Nordisk or a Third Party expert appointed by Novo Nordisk; provided such Third Party expert executes a customary confidentiality and non-use agreement with Lexicon governing any such audit. 5. MANUFACTURING 5.1. Manufacturing and Supply Responsibilities. Lexicon (itself or through an Affiliate or one or more Subcontractors engaged in accordance with Section 4.4.1 (Engagement of Subcontractors)) will supply, including from inventory existing as of the Effective Date, the requirements of Licensed Compounds and Licensed Products for use by or on behalf of Novo Nordisk for any all Development activities prior to [**], until (a) completion of the technology transfer under Section 5.4 (Manufacturing Technology Transfer) and (b) qualification of Novo Nordisk or its designee to Manufacture the Licensed Products for use in Phase 3 Trials and for Commercialization purposes (the foregoing Manufacturing activities, the “Lexicon Manufacturing Activities”). Other than the Lexicon Manufacturing Activities, Novo Nordisk will otherwise have sole control over and decision-making authority with respect to Manufacturing, directly or indirectly through one or more Subcontractors, Licensed Compounds and Licensed Products. Novo Nordisk will reimburse the FTE Costs (subject to Section 5.5 (Allocation of Costs)) and Out-of-Pocket Costs incurred by Lexicon to Manufacture supplies of such Licensed Compounds and Licensed Products, without any markup or premium, within [**] after receipt of an invoice from Lexicon. Lexicon will 31 Manufacture, and will ensure any Affiliates or Subcontractors Manufacture, all Licensed Compounds and Licensed Products pursuant to this Section 5.1 (Manufacturing and Supply Responsibilities) in compliance with GMP.
Information Security Audit. BNY Mellon shall conduct penetration testing (including through a reputable third party recognized by the information security industry), at least once every rolling 12-month period, to review and assess the adequacy of BNY Mellon’s information security measures, and BNY Mellon shall, at Voya’s request, provide Voya with evidence that such testing has been performed.
Information Security Audit. Cognizant Group agrees that, subject to the provisions set forth in Section 12.06, an NAIC Auditor may from time-to-time conduct penetration testing and on-site inspections to review and assess the adequacy of Cognizant Group’s information security measures and Cognizant Group shall, at no additional cost or expense to NAIC Group, promptly remedy all deficiencies found as a result of such assessment.
Information Security Audit. Notwithstanding the foregoing, Supplier agrees that, subject to the provisions set forth in Section 12.04, a Voya Auditor may from time-to-time conduct on-site inspections to review and assess the adequacy of Supplier's information security measures and Supplier shall, at no additional cost or expense to Voya Group, promptly remedy all deficiencies found as a result of such assessment.
Information Security Audit. In addition to the audit rights granted in clause 13 above, NTT (and its representatives) will have the right to audit Supplier’s premises and information security program, upon reasonable advance notice, in order to confirm Supplier’s compliance with the terms set out in this Part 3.
Information Security Audit. Upon prior written notice and at a mutually acceptable time, Client or Client representatives (e.g., external audit consultants or regulators) may audit, test and/or inspect the Accenture’s Data Protection Procedures and the Accenture’s facilities to assure Client Confidential Information is adequately protected. This information security audit is in addition to other audit rights granted herein. The Parties will mutually agree upon the scope of such audits, tests or inspections, which may extend to Accenture subcontractor and Pre-Approved Subcontractors listed in the applicable SOW locations and other Accenture resources (other systems, environmental support, recovery processes, data centers, backup locations, call centers etc.) used to support the systems and handling of Confidential Information, provided that Client shall not be provided access to the data of any other Accenture client or to personal data of Accenture Personnel. Accenture shall inform Client of any internal auditing capability it possesses and permit Client to consult on a confidential basis with such auditors at all reasonable times. Accenture shall promptly take action at its expense to correct all issues identified by an information security audit that, Client, in its reasonable discretion, identifies as requiring correction.
Information Security Audit. Septerna shall permit Novo Nordisk to audit, upon reasonable notice and no more frequently than [***], under customary confidentiality obligations, Septerna’s compliance with industry standard information technology requirements, which audit may be conducted by an independent Third Party expert appointed by Novo Nordisk reasonably acceptable to Septerna, at Novo Nordisk’s cost and expense, and subject to customary confidentiality and securities measures as may be reasonably implemented by Septerna. Such Third Party expert shall have [***]. For clarity, if required by such audit Septerna shall grant such independent Third Party expert [***].
Information Security Audit. (a) TSYS will use commercially reasonable security measures to safeguard its computer systems and physical facilities against (i) the unauthorized destruction, loss, alteration of, or access to COMPANY’s Confidential Information, whether such information is at or on TSYS’ systems or facilities or in transit; and (ii) interruption or disruption of the Services being provided hereunder to COMPANY. TSYS reserves the right to make changes in its security infrastructure and procedures from time to time, so long as TSYS maintains compliance with applicable Laws and Regulations as defined in Section 10.3 of this Agreement.
(b) Annually, during the term of this Agreement, TSYS shall have a nationally-recognized accounting firm conduct an audit in accordance with the Statement on Standards for Attestation Engagements No. 16 (“SSAE 16”) developed by the American Institute of Certified Public Accountants, and have such accounting firm issue a Service Auditor’s Type II Report (or substantially similar report in the event the SSAE 16 auditing standard and/or a Service Auditors Type II Report are no longer an industry standard) which shall cover, at a minimum, security policies and procedures and controls, including without limitation, system security and physical security. No more than once annually, TSYS shall provide COMPANY with a copy of the SSAE 16 promptly upon request by COMPANY.
(c) If the SSAE 16 in its final and issued version contains a qualified opinion relating to security matters, including without limitation, risks to TSYS’ computer systems and physical facilities which could result in the unauthorized destruction, loss, alteration of, or access to COMPANY’s Confidential Information or the Services being provided to COMPANY hereunder being materially affected, then a senior technology executive of TSYS shall promptly meet with a representative of COMPANY to discuss the matter and TSYS shall promptly take action to address the matter raised by the qualification so that the cause of the qualified opinion may be resolved and take such other steps, after consultation with COMPANY to reduce the risk to COMPANY’ s Confidential Information.
(d) If, at any time during the Term, COMPANY has reasonable material concerns regarding TSYS’ operational controls, data security, and/or financial stability, and such concerns are not addressed in the SSAE 16 Audit and in TSYS’ response to any opinion therein to COMPANY’s reasonable satisfaction, COMPANY shall so notify TSY...
Information Security Audit