Attachment E - Audit and Annual Internal Assessment

AUDITS

Licensee shall obtain Permissible Use and Data Security audits as required by RCW 46.12.630 and this Agreement.

Data Security audits must demonstrate compliance with Data Security standards adopted by the Washington State Office of the Chief Information Officer (OCIO), and as set forth in Attachment B - Data Security Requirements. At a minimum, audit(s) must determine whether Data Security policies, procedures, and controls are in place to ensure compliance with all Data Security Requirements set forth herein, and as required by state and federal law.

Permissible Use Audits must demonstrate compliance with Permissible Use standards as set forth on Attachment D – Permissible Use Requirements. Audit(s) must determine whether Permissible Use policies, procedures, and controls are in place to ensure compliance with all Permissible Use requirements in this Agreement.

DOL will accept all audits that are in compliance with RCW 46.12.630.

A. Timing of Audit(s): Licensee must submit a Data Security audit and provide DOL with the complete audit report prior to commencing its Access Period and receiving any Data under this License. If Licensee does not provide a complete audit report within six (6) months of the execution date of this Agreement, then this Agreement will be automatically terminated without further notice. DOL may allow more than six (6) months to provide a complete audit report through written notice if a request is received from Licensee prior to the end of the six (6) month period. Any extension issued under the provisions of this paragraph is subject to Licensee demonstrating substantial progress toward completing an audit report.

B. Selection of Auditor: The Data Security audit must be performed by an independent third-party auditor. Licensee may select the auditor, providing that at a minimum the auditor meets one of the following certifications: American Institute of Certified Public Accountants’ (AICPA), Certified Information Privacy Professional (CIPP), ANSI-ASQ National Accreditation Board (ANAB) or other nationally recognized certification.

Alternatively, if the Licensee chooses not to select its own auditor, or if DOL does not accept the audit, DOL will then select the auditor on the Licensee’s behalf. If DOL selects the auditor, Licensee must hold DOL and its selected auditor harmless from any real or perceived damages to the Licensee’s company as a result of the audit findings.

Licensee has the option to collaborate with DOL in advance to develop the specifics for the scope of an audit, and to predetermine whether an auditor selected by the Licensee meets the standards necessary for DOL’s approval.

The Permissible Use and all contract compliance audits will be performed by DOL or its designated agent.

C. Cost of Audit: Licensee will be responsible for all costs associated with the audits. If DOL selects the auditor, Licensee will prepay the estimated audit costs. If the actual costs of the audit differ in amount from the estimate, DOL will reimburse or invoice Licensee the difference; final payment must be made within thirty (30) days of receiving the final invoice.

D. Corrective Action Plans: Corrective action plans are required for all deficiencies identified in an audit. DOL has sole discretion on whether such deficiencies should prohibit Licensee’s access to Data. If DOL agrees to maintain access to Data, such access is contingent on the following:

• Within a timeframe established by DOL, Licensee must submit a corrective action plan for each deficiency identified by the audit. For each deficiency, the corrective action plan must outline the steps to be taken to correct the deficiency, and a timeline for completing all corrective steps.

• DOL will determine whether Licensee is substantially complying with the corrective action plan. If Licensee is not in substantial compliance, then DOL may suspend access to the Data or take other actions as allowed in this Agreement.