Auditing

Adding pace to your Business

IT Auditing

A structured review designed to highlight any gaps between the current reality of an organization’s information security capability and recommended industry standards. It is conducted as a questionnaire which contains a technical evidence & interview-based audit which covers two broad areas.

  • Business Operations Information security
  • Technical Security

Softaxa produce a report which includes a maturity level rating with recommendations on how the organization can improve in each area. The Audit Covers the Following Points

  • Leadership and Governance
  • Information Security Strategy
  • Information Security Policy and Objectives
  • Roles and Responsibilities
  • Data Protection and Management
  • Information Security Incident Management
  • Cyber Risk
  • Physical and Environmental Security
  • Human Resource Security
  • Business Continuity & Disaster Recovery
  • Patching and Vulnerability Management
  • Handling of Information Assets
  • Access Control and Data Classification
Softaxa offer follow on consultancy services after the High-Level Security Review to help implement some or all the recommended actions such as :
  • Implementing policies, processes and defining roles and responsibilities
  • Supporting efforts to meet regulatory standards
  • Providing Virtual Information Security Officer Services