A vendor's acceptance of a right-to-audit clause in an agreement is an implicit consent for unannounced security audits at any time during the contractual period.
While a right-to-audit clause does provide an organization with the authority to audit a vendor, it does not typically grant the right to perform unannounced audits 'at any time'. Such clauses generally include terms that specify the conditions under which audits can be performed, including arrangements for reasonable notice and scheduling to avoid business disruption.