IT Auditing, Compliance & Review

IT auditing, also known as IT, computer, network or systems auditing, is a professional discipline involving several different techniques for independently reviewing computer and network systems, IT departments, IT-related security controls and an organization’s use of information. Here are some examples of IT audit reviews typically performed by SNT consultants:

Governance & Compliance Controls

IT and Network System Security Controls

Post-Incident Reviews

Contingency Planning & Disaster Recovery

Within IT departments and development projects e.g. management structures, financial planning, management information and reporting, post-implementation reviews, IT strategy reviews including the relationship to other business strategies and corporate functions

e.g. reviewing information security controls during the testing phase of systems development, or on operational systems and networks (technical, physical and/or procedural controls; preventive, detective and/or corrective controls)

Discover and address the root causes of information security incidents (the auditors’ independence and objectivity is a crucial factor here)

Including the IT elements of contingency planning and management, focusing on business continuity planning and disaster avoidance through resilience and other controls, using on physical security, uninterruptible power supplies, air conditioning, fire/flood protection etc. for the computer suite

Our policy management and integration services cover the following major areas of compliance with reviews carried out to ensure policies include all new technologies as they are released

IT Acceptable Use Policy
IT Account Management Policy
IT Data Retention and Disposal Policy
IT Data Encryption Policy
IT Email and Internet Use Policy
IT Malicious and Unauthorised Software Policy
IT Remote and Mobile Working Policy
IT Removable Media Policy
IT Third Party Access Policy
IT Wireless Network Security
IT Security Incident Reporting
IT Change Management Policy
IT Acquisition Development and Management Policy
IT Data Security Marking & Data Management Policy
IT Communications and Operations Management Policy
IT Data and Asset Management Policy
IT Data Backup Policy
IT Password Management and Use Policy
IT Workstation Security Policy
IT Vendor Management Policy
IT Server Security Policy
IT Risk Notification and Management Policy
IT Server Security Policy
IT Application and Database Security Policy
IT System Monitoring Policy
IT Mobile Telephony and Smartphone Usage Policy
IT Bring Your Own Device Usage and Guidelines Policy

Need more information about our services?

Contact us by phone on 0333 3443 071 or fill in this short form and we will get right back to you...