Contract Management

Expand all | Collapse all

"Right to Audit" clause

  • 1.  "Right to Audit" clause

    Posted 01-13-2020 11:03 AM
    Does everyone include a "right to audit" clause in vendor contracts? (we don't currently but it's in the works). We have a decentralized system here where contracts are signed and then the business unit (usually) lets TPRM know that the services/vendors are schedule to start (usually within a week). Not a lot of time but we deal with it. We do have the occasional vendor who will balk at completing the due diligence questionnaire, stating that they're either 1) too small, 2) don't have time now, or 3) we don't "do" those". If we had the proper language in the contract that the vendor just signed, we could point to that and inform them that they actually have to complete the questionnaire. I'm hoping that would work.
    Do others have the same experiences?

  • 2.  RE: "Right to Audit" clause

    Posted 01-13-2020 12:44 PM
    Hi.  We have an "audit" section in our standard agreements.  Mostly helps us with obtaining SOC Reports and Cyber Security onsites.  Vendor selection and onboarding is where we focus on third party management process and completion of initial and ongoing due diligence/monitoring.  Yes, we do have third parties who respond similarly to what you described.

    Hope this helps.