This is the first step in helping companies to secure their business and manage their exposure to risks, particularly cyber-attacks.
The organisational audit ensures that the IS complies with the Information System Security Policy or initiates its drafting.
Several themes are covered in an IT security audit, ranging from physical security to governance. At the end of the audit, a deliverable detailing the areas for improvement with tailor-made recommendations is produced.
A security audit is also recommended before taking out a cyber insurance policy, as it provides an indication of the level of maturity of the IS in the face of cyber risk.
At CnC Expertise, our staff are former auditors and follow tried and tested methods such as ISO/IEC 27002.