Information Security Assessment
Providing Australian Businesses Peace of Mind Through the Understanding of Their Security Risks & Providing a Cyber Security Roadmap.
Who is it For?
The 3 phase approach can then be customised to suit your timeframe and requirements, however, it will typically be a 4 week timeframe with the following breakdown of tasks:
Week 1: Initial Consultation
Holocron consultants will meet with stakeholders in your organisation to understand the business and its information security needs. In addition, the consultant will request access your organisation’s existing information security policies, procedures, and practices, so this can be reviewed. Gathering information and contact details on any third party companies or platforms will also be required.
Week 2: Exam and Analyse
Holocron consultants will conduct a thorough review of your organisation’s information security systems and practices. This will involve reviewing documentation, observe processes, and test systems and controls. The aim is to gather data and evidence to help evaluate the effectiveness of your organisation’s information security practices.
Weeks 3: Compile Report
The consultant will then begin to compile a report detailing the findings of the audit. This report will entail a high level essential 8 review, individual findings for all aspects of the assessment, including physical security, third parties, physical infrastructure, network devices and policies and procedures. An internal peer review will then fellow, where follow senior consultants will review to ensure accuracy of findings.
Week 4: Presentation and Consultation
The consultant will then meet with key stakeholders in your organisation to discuss the findings and recommendations in the report. The final report will be presented and provide recommendations for improving the organisation’s information security systems and practices.
What it Encompasses
An information security audit is a process of reviewing an organisation’s information security systems and practices to ensure that they are adequate and effective in protecting the organisation’s sensitive data and systems from cyber threats. During an information security audit, the consultant will typically review a wide range of areas related to the organisation’s information security posture. This may include:
Policies and procedures
The consultant will review the organisation's information security policies and procedures to ensure that they are documented, up-to-date, and effective.
The consultant will review the organisation's network security measures, including firewalls, intrusion detection systems, and other security controls.
The consultant will review the organisation's access controls to ensure that only authorised users have access to sensitive data and systems.
The consultant will review the organisation's physical security measures, including controls to protect against unauthorized access to data centres and other sensitive areas.
The consultant will review the organisation's data security measures, including controls to protect against data loss, data breaches, and other security incidents.
The consultant will review the organisation's vendor security practices to ensure that vendors with access to sensitive data or systems have adequate security controls in place.
The Benefits for Your Organisation
The Risks of Not Doing an Audit
Talk to a cyber security expert today and secure your systems & data
Talk to one of our leading cyber security experts today, about how we can help you mitigate threats and safeguard your business.
30 min. consult with a trusted security expert