IS Audit of IT Infrastructure

Irisk offers IS audit on entire IT infrastructure including Data centers. Ths scope also includes audit of cloud infrastructure security.


  • IT security Policies Review
  • Data base security controls testing
  • Operating system Controls testing
  • Network Access controls testing
  • Password Management controls testing
  • Internet Usage controls testing
  • Email controls testing
  • Application controls testing
  • Physical access controls testing
  • Environmental access controls testing
  • Backup & restoration controls testing
  • BCP/DR Plan controls testing
  • Router Controls testing
  • Firewall controls testing
  • Patch management & cloning controls testing

Irisk’s IS Audit approach includes:

  • Study the IT environment and network diagram.
  • Interview the Process owners
  • Gather evidences for existence and operating effectiveness of controls.
  • Reporting on audit observations with deviations noted and management response with action plan to close the deviations.

Irisk follows best practices for Audit and uses Audit tools like ACL/IDEA for Data Analysis