36.6.  Auditor

36.6.1.  The Authority may, not more than [twice in any Contract Year], conduct audits for the following purposes:-

a)  to verify the accuracy of the Payment (and proposed or actual variations to the Payment in accordance with this Agreement) and/or the costs of all suppliers (including Sub-Contractors) of the Services;  

b)  to review the integrity, confidentiality and security of the Authority Data;

c)  to review the Service Provider's compliance with the DPA, the FOIA in accordance with clauses 19 (Data Protection) and 24 (Freedom of Information) and any other Legislation applicable to the Services;

d)  to review the Service Provider's compliance with its obligations under clauses 4 (the Services) and 8 (Performance Monitoring);

e)  to review any records created during the design and development of the Services ;

f)  to review any books of account kept by the Service Provider in connection with the provision of the Services;

g)  to carry out the audit and certification of the Authority's accounts;

h)  to carry out an examination pursuant to the 1999 Act of the economy, efficiency and effectiveness with which the Authority has used its resources;

i)  to verify the accuracy and completeness of any management information delivered or required by this Agreement;

j)  to inspect any Authority's assets, including the Authority's IPRs, equipment, facilities and maintenance and Assets, for the purposes of ensuring that the Authority's assets and Assets are secure and that the Rolling Inventory or any other register of assets is up to date;

k)  to ensure that the Service Provider is complying with the Authority Policies and any British or equivalent European standards; and

l)  any other audit that may be required by any Relevant Authority.

36.6.2.  The Authority shall use its reasonable endeavours to ensure that the conduct of each audit does not unreasonably disrupt the Service Provider or delay the provision of the Services.

36.6.3.  Subject to the Authority's obligations of confidentiality, the Service Provider shall on demand provide the Authority (and/or its agents or representatives) with all reasonable co-operation and assistance in relation to each audit, including:-

a)  all information requested by the Authority within the permitted scope of the audit;

b)  reasonable access to any Service Provider's Premises controlled by the Service Provider and to any equipment used (whether exclusively or non-exclusively) in the performance of the Services;

c)  access to the Service Provider's systems; and

d)  access to Service Provider personnel.

36.6.4.  The Service Provider shall implement all measurement and monitoring tools and procedures necessary to measure and report on the Service Provider's performance of the Services against the applicable [Service Performance Levels] at a level of detail sufficient to verify compliance with the Service Performance Levels.  

36.6.5.  The Authority shall endeavour to (but is not obliged to) provide at least fifteen (15) Working Days notice of its intention to conduct an audit.

36.6.6.  The parties agree that they shall bear their own respective costs and expenses incurred in respect of compliance with their obligations under this clause, unless the audit identifies a material breach by the Service Provider in which case the Service Provider shall reimburse the Authority for all the Authority's reasonable costs incurred in the course of the audit.

36.6.7.  If an audit identifies that:-

a)  the Service Provider has failed to perform its obligations under this Agreement in any material manner, the parties shall agree and implement a remedial plan.  If the Service Provider's failure relates to a failure to provide any information to the Authority about the Payment, proposed Payment or the Service Provider's costs, then the remedial plan shall include a requirement for the provision of all such information;

b)  the Authority has overpaid any Payment, the Service Provider shall pay to the Authority the amount overpaid within twenty (20) Working Days.  The Authority may deduct the relevant amount from the Payment if the Service Provider fails to make this payment; and

c)  the Authority has underpaid any Payment, the Authority shall pay to the Service Provider the amount of the under-payment less the cost of audit incurred by the Authority if this was due to a breach by the Service Provider in relation to invoicing within twenty (20) Working Days.

36.6.8.  The Service Provider shall permit records referred to in this clause 36 to be examined and copied from time to time by the Authority's auditor and inspectors and their representatives and other representatives of the Authority.