ProofHQ is committed to maintaining consistent policies and procedures to ensure high levels of availability, enterprise-ready information security and robust business continuity planning. You want to be assured that we are constantly vigilant in following our published policies. To give you this assurance:
- We undertake quarterly vulnerability testing and can confirm dates of the most recent test completed.
- We undertake annual penetration testing and can confirm dates of the most recent test completed.
- We make our SSAE16 Certificate of Audit available.
However, in some cases customers have a requirement for them to complete their own audit.
Customer Audit Policy (Unlimited Edition)
For customers on the Unlimited Edition, we will allow you and your Authorised Auditors to access our premises, personnel and relevant records as may be reasonably required to verify ProofHQ’s compliance with the Contract.
You may audit us in relation to the Services only. You may order it us no more than once every twelve months. Each audit will only apply to the previous twelve months activity. You must provide at least one calendar month’s notice of your intention to conduct an audit. Your notice should include a description of your staff that will be carrying out the audit and issue(s) that will be the subject of the audit. The audit will not give you rights to access any information other than that directly relating to the provision of the Services. The audit must take place during our normal business hours, and, to the extent practicable, will be conducted with minimal disruption to our business. You and your Authorised Auditors will be subject to the security obligations applicable to our premises and will have their access controlled and monitored by us. We will provide you and your Authorised Auditors with all reasonable co-operation, access and assistance in relation to each audit, subject to your confidentiality obligations set out in our Terms of Service. Any audit will be carried out at your expense, provided that if an audit demonstrates that ProofHQ is in material breach of its obligations under the Contract, you will be entitled to recover from ProofHQ all costs and expenses that you have reasonably incurred in connection with such audit.
“Authorised Auditors” means a member of the Chartered Institute of Accountants which has been appointed by you to conduct an audit of ProofHQ. Any Authorized Auditor must enter into a confidentiality undertaking with ProofHQ on terms that are acceptable to ProofHQ acting reasonably.
If you have any questions about our Customer Audit Policy, please contact your ProofHQ account executive.