Infosec

"IT is paving the way for digitization. It plays a key role in a company’s success. That’s why IT is so trusted. But IT is also disruptive and complex. Changes to systems, constant threats from inside and outside, and the risk that errors go undetected, require a strong IT organization. An IT audit is a useful means of gaining security. Security that is needed to rely on systems, processes and employees. An IT audit identifies weak points in processes and can use this as a basis for improvements. A functioning IT is essential for your company. You cannot afford failures or errors in processes. IT does not only have a supporting function! The claim: “IT must simply run” is no longer enough. IT is the driving force in a company. Just like in the other departments of your company, it is important to recognize and control risks. These are usually complex topics such as authorizations, data backups or interfaces. The findings from an audit not only help the → Auditor in the context of his audit, but it also serves your company as a yardstick and shows strengths and weaknesses."

Our Security Audits are based on industry-accepted standards such as, CoBIT, and legal requirements specific to the industry and country. The auditing approach is designed to cover all aspects of security including People, Processes and Technology. Our consultants are certified as CISSP, CISA, ISO 27001, and GCIA. More importantly, they possess possibly the widest array of technical expertise (see 'Technical Expertise').

Previous experience in this segment includes application security assessments for CRM and ERP software of large manufacturing and financial firms, e-commerce applications for some of the largest online stores, and client-based encryption software among others. Our skills in this area are demonstrated by the bugs we find in mission critical software from vendors such as Microsoft, Oracle, Macromedia and Nortel. Read our list of advisories here.

Industry Expertise

We have conducted security audits for a wide variety of industries including the following: