Audit and testing
IT security audit
What is an IT security audit?
An IT security audit reviews a company's IT security against a benchmark defined in advance. That benchmark can be a recognised standard, a set of legal requirements or the auditor's own checklist.
What separates an audit from a check is the benchmark and the evidence. An audit records for every requirement whether it is met, partly met or open. The result is an audit report you can put in front of a third party such as an insurer, a client or an authority.
Internal audits are run by the company itself, external audits by an independent party. A certification audit against ISO/IEC 27001 is different again: only an accredited certification body may carry it out.
The IT Check as an independent audit Compliance and standards
All terms in the knowledge base
Note: This entry reflects the state of knowledge to the best of our understanding and serves as general orientation. It is not legal advice. What counts is always the version currently in force at the responsible body, for example dsb.gv.at, nis.gv.at or enisa.europa.eu.
From the term to practice
Where does your business actually stand?
The IT Check reviews your IT across 8 audit areas with more than 100 individual checks and delivers documented findings with a prioritised action plan. From 1,299 € excl. VAT. The first call takes 20 minutes and carries no charge.