Audit and testing

IT security audit

What is an IT security audit?

An IT security audit reviews a company's IT security against a benchmark defined in advance. That benchmark can be a recognised standard, a set of legal requirements or the auditor's own checklist.

What separates an audit from a check is the benchmark and the evidence. An audit records for every requirement whether it is met, partly met or open. The result is an audit report you can put in front of a third party such as an insurer, a client or an authority.

Internal audits are run by the company itself, external audits by an independent party. A certification audit against ISO/IEC 27001 is different again: only an accredited certification body may carry it out.

All terms in the knowledge base

From the term to practice

Where does your business actually stand?

The IT Check reviews your IT across 8 audit areas with more than 100 individual checks and delivers documented findings with a prioritised action plan. From 1,299 € excl. VAT. The first call takes 20 minutes and carries no charge.

Book a first call