Information security audits help organisations identify shortcomings and development needs related to information security in their information systems. The audits take account of the information security requirements related to the organisation and its field of operation. We also provide support with the implementation and monitoring of the suggested development measures.

We will determine the scope of the information security audit in cooperation with the client. The audit can concern a single process, a sector of operation or the entire organisation. After the audit, you will be provided with a report on the state of your information security and recommendations for development.

An information audit will help you ensure that your critical business information is appropriately protected against risks.

You will also be able to ensure that:

Responsibilities related to information security and data privacy are met
Information security requirements related to data are identified
Data is appropriately protected and backed up
Access rights are appropriately managed and monitored
Use of data is appropriately monitored
Sufficient attention is paid to preventing misconduct.

The frameworks used by our experts in their work include the Control Objectives for Information and Related Technology (COBIT), Information Technology Infrastructure Library (ITIL), ISO 27000 information security standards, VAHTI criteria and sector-specific requirements.

Our information security auditing services cover:

Development of information security management
Auditing of systems and information security
Assessment of compliance
Assessment and development of continuity, recovery and preparedness planning.