Security review

IT Security Review

A professional service to independently review your organization's IT security

It's good practice for your organization’s approach to managing information security to be reviewed at planned intervals, or when significant changes occur. To ensure objectivity and impartiality, those reviews should be performed by people who are independent of the area being reviewed.

In fact, such independent reviews are required for any organization seeking to be certified against the ISO 27001 Information Security standard. In the latest 2022 version of the standard, it's a requirement that's specified in Annex control A5.35.

In many organizations, that independence can be difficult to achieve due to resourcing issues, or a lack of specialist knowledge outside of the area responsible.

Qudos can offer a great solution with independent reviews of the technical components of your information security by qualified and experienced specialists. An initial review is often performed in tandem with a Gap Analysis against the ISO 27001 standard.

The content of reviews may vary but might typically include:

  • IT Infrastructure Overview
  • Analyse Security Principles
  • Anti-Virus and Firewall Hardware and Software
  • Network Security and Access
  • Passwords and Authentication
  • Account and User Management
  • Data Confidentiality and Classification
  • Data Encryption
  • Analyse Physical Access
  • Data Backup
  • Disaster Recovery
  • IT Hardware and Software Update Management
  • Software Asset Management
  • Inventory Asset Management

The review may be performed on site, remotely, or a combination of both as deemed appropriate.

Contact us now for further information, and a no-obligation, fixed-price proposal.