security-auditingOur full range of auditing services help you assess and benchmark against best practice, government and industry-specific security standards. Auditing services are delivered through a dedicated, in-house CESG Listed Adviser Scheme (CLAS) team which includes qualified auditors with detailed experience of applying audit standards such as ISO27007 and ISACA guidance.

Auditing skills extend to practical knowledge of tools such as COBIT and VAL IT and key private sector standards such as PCI DSS approved security scanning. Our approach offers an objective assessment designed to be supportive rather than critical. It is delivered in clear reporting language for both technical and non-technical stakeholders.

Security Auditing skills include:

  • Objective & independent assessment of the cyber security operating environment
  • Development of audit strategies and implementation approaches
  • Assessing compliance with internal policies, standards and processes in the context of business and security
  • Assessing compliance with external requirements such as ISO27001, HMG Security Policy Framework and Data Protection
  • Definition of cyber security control objectives
  • Identification of security specific trends
  • Recommendations to support audit findings
  • Training in audit techniques