Security is the main concern of every business Era. Information Security audit which protects the user data and information using international rules and regulation. IS audit reduces the risk of confidential information leaks, increases control over any IT and cybersecurity unit and it also helps to create or improve any business process.
Information Security audits mainly examines like an information security system check, finding the best solution, Recommendation, and finally generate the final report.
IS audit focus three keywords areas like administrative section, IT section, Procurement section to control the information.
Some other IS audit data collection areas are :
1.People
2.Product
3.Process
4.Partners
5.Technology
We use ISO/IEC 27001 For Information Security management Management ISO. Information security Audit Area is listed below:
- IT Management
- Departmental Setup
- IT Purchase & AMC
- In-house Application
Development and
Maintenance (SDLC Audit) - Outsourced
Development/Purchase - Application rollout and
training - Change Management
Procedures - IT infrastructure
Operations - Physical Access and
Environmental controls - Logical Access Controls
- Networking
Administration - End-User Computing
- Review of logs and
reporting of security
incidents - IT Training
- MIS Reporting
- Business Continuity
Planning / Disaster
Recovery Planning - WAN Management
- Database Administration
- Data Migration Audit
- Documentation Audit
- Functionality Audit
- Source Code Audit
- Data Centre Audit / DR
site audit
If you Learn about more Visit the following links
