We identify the gaps between your current practices and standards
Audit is a process of verification of current practices versus standards in order to identify gaps and take actions accordingly. Audit can be conducted either by external or internal professionals according to business requirements.
Audit objectives can include but are not limited to:
+ Checking whether the systems are able to maintain system data, integrity, availability, and help achieve organization objectives
+ Detecting or preventing undesired events by ensuring that appropriate internal controls are in place
+ Identifying gaps between what should be done according to the standards and what is done
+ Checking the performance of the automated information systems in an organization
When performing an IS audit, our experts auditors follow the guidelines described in the ISACA’s Code of Professional Ethics. We begin by identifying and analyzing your business objectives to ensure that your security requirements are aligned and risk-based. Our risk-based audits help optimize efforts on sensitive areas.
Type of audit performed include
+Information security organization audit
+ Business, Operational and IT processes audit
+ Web applications audit
+ IT architecture and infrastructure audit
+ Configuration audit
+ Compliance audit (ISO/IEC 27001-2, CoBiT, PCI-DSS, HIPAA, NIST, etc.)
+ Application code review