A security audit is a structured review of the security configuration of your systems against a recognised framework, such as ISO/IEC 27001, NIST, PCI DSS and the GFSC Cyber Security Rules. These reviews are not limited to technological controls; we consider people and processes too. A typical review might include:
You will receive a detailed report explaining the issues and deficiencies, and what impact they may have on your organisation. Every finding has practical risk-based recommendations for mitigation. Issues are assigned a risk rating to help you prioritise you remediation work. Other benefits of our work include:
Assessments are tailored to comfortably fit budgets and businesses of all sizes. A review can range from a full audit of all aspects of information security, to a deep dive into one particular area, or a simple health-check that only covers key controls.