Fact is that customers have a legitimate need to reserve a right to audit the cloud service provider’s compliance measures. But, it is also a fact that the service provider may not let customers into its data centers or systems because that would impair the security of other customers’ data. Also, individual audits would be unnecessarily disruptive and costly. As a compromise, cloud service providers can arrange for routine, comprehensive audits of their systems by a generally accepted audit firm and make the results available to all customers. If customers demand additional topics on the audit list, providers may want to expand the scope of the next scheduled audit (usually at the customers’ cost) provided the additional controls are reasonable.
Register now for your free, tailored, daily legal newsfeed service.
Questions? Please contact email@example.comRegister
Myth 11: Customer needs to have the Right to Access the Provider’s Data Centers and Systems for Audit Purposes
Popular articles from this firm
If you would like to learn how Lexology can drive your content marketing strategy forward, please email firstname.lastname@example.org.
Related topic hubs
Senior Vice-President and Regional Counsel
Sony BMG Music Entertainment (Asia) Inc
"I am a regular reader of Lexology – the content of which is extremely useful to me."