-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtest_audit_compliant.json
More file actions
29 lines (29 loc) · 1.43 KB
/
test_audit_compliant.json
File metadata and controls
29 lines (29 loc) · 1.43 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
{
"evidence_type": "assure_022_audit_rights",
"vendor_name": "DataFlow Inc",
"evidence_date": "2025-10-24",
"soc2_section_4_criteria": [],
"soc2_coverage_percentage": 0,
"extraction_confidence": 0.98,
"source_document": null,
"audit_rights_granted": true,
"audit_clause_location": "Section 11 (Audit Rights and Compliance Verification)",
"audit_frequency": null,
"audit_frequency_description": "Once per calendar year (annual audit), upon reasonable cause (security incident, compliance concern, customer request), and following material changes to security practices",
"advance_notice_required": true,
"advance_notice_days": 30,
"audit_scope_defined": true,
"audit_scope_includes_security": true,
"audit_scope_includes_data_handling": true,
"audit_scope_description": "Security controls and policies, data handling and processing practices, access controls and user management, encryption implementation, incident response procedures, business continuity and disaster recovery, contractual compliance, subprocessor and third-party risk management",
"third_party_auditor_allowed": true,
"auditor_qualifications_required": true,
"vendor_cooperation_required": true,
"access_to_systems_granted": false,
"access_to_documentation_granted": false,
"access_to_personnel_granted": false,
"cost_allocation": "not_specified",
"cost_cap_amount": null,
"audit_report_to_customer": true,
"remediation_plan_required": true
}