The IT security audit is a professional solution that Business Continuity Consulting offers to its clients in order to determine all vulnerabilities of the information systems. The result of this action is the objective assessment of the needs of the IT systems / networks belonging to the clients and the proposal of viable solutions to eliminate the discovered vulnerabilities. The IT security audit consists, but is not limited, in:
- Assessing the practical implementation of the information security management system, according to the ISO 27001 or another similar international standard;
- Evaluation of the information security from the perspective of the storage media protection, information exchange, protection of the information in transit, destruction and protection against information leakage;
- The evaluation of the aspects related to the physical security refers to the spaces where the components of the communication infrastructure are located, the means for ensuring the microclimate conditions, power supply, fire protection, floods, personnel access control, surveillance, alarm, as well as other specific measures;
- Verification of the technical controls implemented on the network infrastructure;
- Verification of the technical controls implemented on the network monitoring software application;
- Verification of the technical controls implemented on the server;
- Verification of technical controls implemented on workstations.