IT Control Audit
An IT control audit is an essential first step to mitigate the business risks of cyber fraud, data breaches, user access and disaster recovery. Our IT Audit Report will highlight all risks that are identified as part of our IT Audit, in an easy to read, jargon-free format. Each IT risk identified is assessed by a series of risk ratings.
Each risk is then expanded to identify the IT observation, the risk to your organisation and our recommendations. There is also an opportunity for the management team to respond to each risk, and assign time frames for corrective actions.
If you choose to have a follow-up IT audit conducted at some point in the future, this report can act as a reference point to assess progress.
What Does An IT Audit Involve?
We will conduct detailed testing of your IT environment including:
- Initial review of all of your documented IT policies and procedures, identifying any shortfalls and gaps that need to be addressed.
- Assessment of all warranties on hardware and software, identifying any assets that are currently not covered.
- Review of the current server capacities and any that are at risk from malfunction based on age/usage/type.
- Assessment of whether current IT management ensures compliance with IT best practice and regulations (e.g. Data Breach legislation 2018).
IT Control Audit Process
Step 1: Review documented IT policies and procedures.
This can include backup procedures and disaster recovery, password protection, network configurations and schematics.
Step 2: Obtain Administrator Logins
Our expert IT managers will start by getting access to the all the relevant IT systems and software.
Step 3: Management Planning Meeting
This is an opportunity for you to raise and discuss any particular areas of concern prior to the start of your IT audit.
Step 4: On-Site Audit Testing
On completion of the first 3 steps, we can then start the IT audit process. Typically this can be completed in 2-3 days.
Step 5: IT Audit Report Draft
We will produce a draft report highlighting our key findings and recommendations. This can usually be completed within a week of our on-site audit.
Step 6: Delivery Of Audit Report
You will then receive a copy of the audit report for internal review and discussion. We pride ourselves on ensuring they are written in plain English, avoiding as much technical jargon as possible.
Step 7: Face to Face Meeting
We will then arrange a convenient time to meet with you to discuss the findings of the audit and agree an action plan.