Make your IT landscape secure

WHAT VALUE DO IT AUDITS BRING TO YOUR ORGANIZATION?

  • Get a clear and thorough view on your IS/ICT architecture with identification of risks and recommendations of possible synergies and improvements
  • Put your IT staff to the test and learn how good they are
  • Find out whether your information systems are prepared for emergencies and unexpected situations such as security threats, large data losses, etc. 

AUDIT OBJECTIVES

1
To show you the actual state of your IT landscap
2
To give you best practice recommendations allowing you to increase the efficiency and effectiveness of your systems
3
To ensure higher data safety and security in your organization
4
To give you better IT services and quality of life

IT DEPARTMENT AND IS/ICT ARCHITECTURE AUDITS

Intended primarily as a management tool, these audits help you find out whether or not your organization has the required processes and supporting systems to monitor service quality or infrastructure functionality.

As-is analysis

  • Assessment of current systems and their fitness for the intended purpose
  • Evaluation of supporting tools in use
  • Verification of the main parameters of different systems
  • Job descriptions

Identification of risks

  • Identification of weaknesses and vulnerabilities
  • Assessment of user authorizations system in use
  • Evaluation of weaknesses and vulnerabilities in terms of their impacts on core and secondary business activities

Audit report

  • In-depth overview of the current state of your IS/ICT infrastructure
  • Summary of weaknesses and vulnerabilities with risk level estimates
  • Best-practice recommendations for risk mitigation actions

SECURITY AUDITS

Data security

  • Computer networks without efficient safeguards are extremely vulnerable. Our security audit will help you find out whether your IT systems are secure, pinpoint potential risks and threats and turn your infrastructure into a well-oiled IT powerhouse meeting the strictest security standards
 

What benefits will you get from a security audit?

Security audits will allow you to:
  • protect your infrastructure from unauthorised access
  • make sure your data is not compromised or stolen 
  • store user data in a safe and secure manner


Why are external audits better than in-house ones?

  • Not “knowing” the network, external auditors can make no assumptions and have to obtain all required information from existing documentation and in-house IT staff or current service providers
  • An unbiased view from the outside often reveals previously unseen aspects and connections
  • Some of these findings may be unknown to or ignored by current network administrators
  • External auditors have broader experience with different computer networks and their components

Security audits cover the following key areas:

  • Infrastructure (internal/external, white-box/grey-box/black-box testing)
    • Internal and external security
  • Processes
    • All IT security related processes and policies (account management, monitoring, incident handling, etc.)
  • Software
    • Security of specific applications, code reviews
  • Physical security
    • Building access, access control systems (cards, tokens, etc.) 
  • Social engineering
    • Testing of employee resistance to cyber threats (such as phishing or scam e-mails)
  • Data security 
    • Data processing, backup and data transfer policy

Deliverables

  • Audit report with a comprehensive assessment of your network’s security (including its physical and logical integrity) and proposals of follow-up actions to minimize or eliminate potential risks and threats.
  • Optional follow-up security awareness trainings for your employees as an efficient method of ensuring compliance with best security practice.
  • Entities subject to the Czech Cybersecurity Act may receive certificates showing whether or not their IT landscape satisfies the applicable requirements. In addition, we also perform audits according to ISO 27001.