+91 77220 38357

Security Audit

Security Audits are conducted to assess the organisation’s current security posture against the desired state.

Desired state could be a legal / regulatory requirements, guidelines, client/ certification standard requirements.
We follow a very methodical approach in conducting security audits –
1. Project Initiation Phase –
  • IT Asset details are obtained with relevant technical information

  • Determination of Audit Scope and Audit Objectives
  • Agree on Timelines and Audit stages
2. Information gathering Phase –
  • Policies, Processes and Procedures are reviewed
  • Existing documentation is collected for further analysis
  • Interview of relevant people to obtain operational information
  • Client site visits for physical review, whereever applicable
3.Analysis Phase – 
  • All information gathered during earlier phases is analysed against the desired state.
  • This is done using applicable CAAT (Computer Aided Auditing Tools)
4. Reporting Phase –
  • Findings from analysis phase are given a “Risk Rating” based on criticality.

  • Recommended solution for remediation of the findings is shared with the clients