A security audit is a type of cybersecurity project where the auditor is given full access to the client company’s computers and network. The audit usually involves collecting a complete inventory of all devices connected to the network including computers, printers, servers, routers, switches, firewalls, and wireless access points. We record computer operating system versions, and installed software. We look at any online or remote access services that employees may use in the course of business. Employees may be interviewed in order to understand process and procedures of the business relative to their computer network. Sometimes a vulnerability scanning tool is used to query all the devices on a network. This audit and the following report will be used to establish a baseline, and provide the basis for a discussion about the security posture of the business.
PCI/DSS, HIPAA, GLBA, SOX, client or vendor requested
Your organization may be in a regulated industry, or you may have received a request from a large client or vendor to provide documentation around your company’s security practices, and some sort of automated examination of the internal and public networks. We can provide assistance with the documentation and provide a full network scan to validate the security of the network and systems.