Security Evaluations. In addition to Opal’s own annual internal security audit to assess compliance with Opal’s security policies, processes, and procedures, Opal shall retain an accredited independent auditing firm to verify such compliance and provide an independent assessment of Opal’s compliance with ISO 27001 and/or SOC 2 Type II standards. Executive summaries of Opal’s most recent audit reports are available at ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇/security. 1. Security Evaluations. Upon Customer’s request, but no more than once per calendar year and with at least ten (10) business days’ advance written notice, Customer may evaluate Opal’s security policies, processes, and procedures, provided that the scope of such evaluation will be limited to information that is not deemed confidential by Opal, including without limitation data belonging to other customers and Opal’s intellectual property and proprietary business practices (an “Evaluation”).
Appears in 2 contracts
Sources: Master Software as a Service Agreement, Terms of Use