Voted Best Answer
Mar 28, 2018 - 01:43 AM
We absolutely do. Since SAM has been implemented here, we work closely with legal team and our CIO to understand the vendors current contractual audit rights, what we can physically manage with our resources and adding additional clauses.
That way, we can modify the audit clauses so that they (for example), don't audit us for a least 6 months of signing/renewing the agreement, accept our resource constraints when setting deadlines for information and data and also specific clauses about what the auditor can and cannot access remotely.
Whilst we only have this in new contracts, and vendors haven't been very happy about changing T&Cs they've had 'with your company for 10 years', it's something we absolutely need to do and manage.
We'll continue to do so with each contract and vendor we renew licenses / SaaS with.