Information Security Auditing

An information security audit is one of the best ways to provide the assurances around the effectiveness of the existing controls, verify compliance with current security polices and validate that documented procedures are followed.

Dragonfly security consultants work closely with small, medium and large businesses to deliver measurable technical assessment of the security of the organisation’s information.

Dragonfly security consultants will, during the course of the audit from initiation to completion:

• Perform an initial pre-audit, including a site survey and questionaries, to gain an understanding of your organisations security audit needs, develop a framework based upon recognised security practices (e.g. ISO27002) and to define the scope of the audit.
• Prepare a detailed audit plan that will cover how the audit will be executed including timing logistics, internal resources, tools and personnel needed.
• Conduct an initial briefing to confirm the scope and objectives of the audit providing an opportunity to resolve last minute questions.
• Execute the on site audit as documented in the audit plan.
• Conduct an outgoing briefing to ensure management are aware of system vulnerabilities or weakness in procedures where an immediate threat is identified.
• Prepare a formal audit report based on auditors findings
• Conduct a ½ day session with management to present the audit report and to answer questions

Dragonfly security consultants follow a proven methodology to audit information systems and procedures using both manual and automated tools to deliver a consistent and successful outcome.

For more information on how Dragonfly can provide an assessment on the security of your information contact a qualified Dragonfly consultant on 1300 663 220 or contact us here today.