The IT compliance audit service comprises a full systems audit review in accordance with PCI DSS, SOX, COBIT, ISO 27001 and other standards, covering all respective areas of information security management. An IT audit helps businesses identify the risks associated with the extensive use of IT systems and maintain a controlled business environment for secure operations and business processing.
We provide IT audits against a number of international standards, such as ISO 27001, PCI DSS, COBIT, Basel and others. The best practice standard for information security management is ISO 27001, on which we base our standard audit scope and control checklist. If the client has other compliance requirements, we design our audit scope and checklist accordingly.
Our standard audit scope for the ISO 27001 testing procedures includes the following 11 domains of information security:
Security Policy
Organization of information security
Asset Management
Human resources security
Physical and Environmental Security
Communications and Operations Management
Access Control
Information systems acquisition, development and maintenance
Information security incident management
Business Continuity Management
Compliance
During our audit procedures we check each control objective for its design, implementation and operating effectiveness, as per the Global Audit Methodology (GAM). The meaning of each of these three stages of testing is described below:
Design – a policy / procedure stated and approved by the company
Implementation – how the stated policies / procedures are implemented in the systems and business environment
Operating effectiveness – how the implemented controls are functioning over time
The main deliverable from the IT audit is an independent IT audit report stating the areas of risk to the business and any control weaknesses that have been noted over the audit period. In some cases, evidence of fraud or override of controls is noted, and further forensic investigation procedures may then be initiated by the client.
Many successful projects across Europe, North America, UK, Africa and Australia provide a proven professional track record and guarantee the high quality of our services. Some of our past projects have been described below as client cases from our portfolio.
NetSafety was founded in 2009 in Sofia, Bulgaria, and has since developed into an international consulting practice with a global client portfolio. Our firm's reputation is built on integrity, professional business conduct and a high quality of service in everything we do.
Simply call us to schedule a meeting and discuss your business needs.
NetSafety Ltd.
Risk Management Consulting
E-mail: team@netsafety.eu
Contact: (+359) 88 9387598
Office location: Sofia, Bulgaria