Security Audits

Security Audits are conducted to assess the organization’s current security posture against the desired state of cybersecurity.
The desired state could be legal/regulatory requirements, guidelines, client/ certification standard requirements.

We follow a very methodical approach in conducting security audits.

• IT Asset details are obtained with relevant technical information
• Determination of Audit Scope and Audit Objectives
• Agree on Timelines and Audit stages

• Policies, Processes and Procedures are reviewed
• Existing documentation is collected for further analysis
• Interview of relevant people to obtain operational information
• Client site visits for physical review, whereever applicable

• All information gathered during earlier phases is analysed against the desired state.
• This is done using applicable CAAT (Computer Aided Auditing Tools)

• Findings from analysis phase are given a “Risk Rating” based on criticality.
• Recommended solution for remediation of the findings is shared with the clients
• Security Audits are conducted to assess the organization’s current security posture against the
• desired state of cyber security.
• The desired state could be legal/regulatory requirements, guidelines, client/ certification
• standard requirements. We follow a very methodical approach in conducting security audits.