Cybersecurity Compliance Audit
A security audit is a systematic, measurable technical assessment of how the security policy is employed by the organization. It is a systematic evaluation of an organization’s compliance to a set of established information security criteria. The security audit includes assessment of a system’s software and hardware configuration, physical security measures, data handling processes, and user practices against a checklist of standard policies and procedures. It ensures that an organization has and deploys a set of standard information security policies. It is generally used to achieve and demonstrate compliance to legal and regulatory requirements such as:
PCI-DSS 3
HIPPA
NESA
CoBIT 5
ITIL v3
NIST – (FISAM NIST SP 800)