5. Audit Obligations
Processor shall provide a copy of its most current security report upon Client’s written request and subject to the confidentiality provisions of the Agreement. If Client requires additional information beyond that which is stated in the Report, Client may contact Processor at firstname.lastname@example.org to request an on-site audit of the architecture, systems and procedures relevant to the protection of Client Personal Data that are controlled by Processor. Client shall reimburse Processor for any time expended by Processor for any such audit at Processor's then-current professional services rates, which shall be made available to Client upon request. Before the commencement of any such audit, Client and Processor will mutually agree upon the scope, timing, and duration of the audit in addition to the reimbursement rate for which Client shall be responsible. Client shall promptly notify Processor with information regarding any non-compliance discovered during the course of an audit.