A security audit is one of the ways of assessing the level of information security in terms of organization, process, and technology. It assesses the level of compliance of internal security policies, methodologies or guidelines with the requirements of legislation or ISO 27000 standards for hardware, procedures, and behaviour of information system users.
We start from the so-called best practices - proven recommendations and best practices for IT systems security, processes, documentation, but also for industrial security.
Why choose our services
Comprehensive view of Security
The audit we carry out in your company is done both on-site and remotely. We summarize and review relevant IT informational systems assets, security documents, conduct testing, and conduct audits to verify controls.
The output of the audit is a high-level document assessing the current state of cybersecurity of IT or OT systems with identified risks and threats and relevant legislation. It contains a framework for technical and administrative measures and a risk minimization strategy.
We follow the requirements of Act no. 69/2018 Coll. on Cyber Security, Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 - NIS, ISO / IEC 27000 standards, as well as standards for information security of ISO / IEC 62443 and NIST 800-82 industrial control systems.
Our experts have years of experience in technical security, physical security, cyber security management, and information security management. They have the knowledge of data centers, the physical security of the perimeter and the architecture of IT and OT systems.