|
An IT security audit is a specified process that is devised to assess security risks in a business surrounding.
ECB Audit System
A team of „auditors”, with technical - and management knowledge of the information technology as well as the company processes of the company, will accompany the process. During the audit the team will interview staff members, will perform vulnerability appraisals, register the existing security policy and procedures and examine the IT system which is treated within the scope of the audit. ECB auditors use the especially developed ECB audit systems to perform the audit efficiently.
ISO 27001, (formerly ISO 17799), or the well-known Code for Data protection, is the standard for the security structure of your information. By enriching your organisation with the organisation according to the Code for Data protection you obtain more certainty concerning the security of your data. By auditing according to standards, insight in subjects which need more attention, in your information security organisation, can be obtained.
International policy
An important task is making the formalised structure for the information security processes clear and making standard applicable security techniques when required. The functioning area of responsibility can indeed be extensive. Everything from risk calculation to the realisation of security policy, from human means questions to the definition of security duties, must be managed.
Complete protection against coming in and going out threats to a company requires a policy that not only aims on regional legislation, but adapts itself also to new international legislation.
We perform Information Security audits in following sectors:
|
