Irisk offers IS audit on entire IT infrastructure including Data centers. Ths scope also includes audit of cloud infrastructure security.
Scope
- IT security Policies Review
- Data base security controls testing
- Operating system Controls testing
- Network Access controls testing
- Password Management controls testing
- Internet Usage controls testing
- Email controls testing
- Application controls testing
- Physical access controls testing
- Environmental access controls testing
- Backup & restoration controls testing
- BCP/DR Plan controls testing
- Router Controls testing
- Firewall controls testing
- Patch management & cloning controls testing
Irisk’s IS Audit approach includes:
- Study the IT environment and network diagram.
- Interview the Process owners
- Gather evidences for existence and operating effectiveness of controls.
- Reporting on audit observations with deviations noted and management response with action plan to close the deviations.
Irisk follows best practices for Audit and uses Audit tools like ACL/IDEA for Data Analysis