A compliance audit is a comprehensive review of an organization’s adherence to regulatory guidelines. Independent accounting, security, or IT consultants evaluate the strength and thoroughness of compliance preparations. Auditors review security policies, user access controls, and risk management procedures throughout a compliance audit.
Independent audit and assessments provide management with the assurance that controls are designed appropriately, and operating effectively
The minimum baseline for all audits is NIST 800-53. This is the framework used for providing “gap analysis” on all systems, from the point of entry to the keyboard. This includes:
Audits and Gap Analysis can be performed on-site, remotely, or a combination of both. The typical process will take three to five days to complete depending on the audit level required. The process will include:
Meet with the stakeholders to determine what level of auditing is required and set the expectations.
We perform audits compliance assessments and gap analysis against standards and regulations such as