Cybersecurity Compliance Audit

A security audit is a systematic, measurable technical assessment of how the security policy is employed by the organization. It is a systematic evaluation of an organization’s compliance to a set of established information security criteria. The security audit includes assessment of a system’s software and hardware configuration, physical security measures, data handling processes, and user practices against a checklist of standard policies and procedures. It ensures that an organization has and deploys a set of standard information security policies. It is generally used to achieve and demonstrate compliance to legal and regulatory requirements such as:

  • ISO 27001

  • ISA-99/IEC-62443

  • Cloud Security Alliance – STAR

  • PCI-DSS 3

  • HIPPA

  • NESA

  • CoBIT 5

  • ITIL v3

  • NIST – (FISAM NIST SP 800)