The main purpose of an audit is to establish and understand an organisations Information Security Management System (ISMS).
This will include looking at the:
- Planning activities
With the new changes to EU GDPR coming in 2018 make sure your company complies by having a audit is a must but there are also other lesser known benefits outlined below.
- Confidentiality, integrity, availability of information
- Customer loyalty
- Repeat business and referral
- Operational results: revenue and market share
- Review threats & vulnerabilities regularly
- Effective & efficient use of resources
- Alignment of processes to achieve desired results
- Competitive advantages via improved organisational capabilities
- Motivate people to participate in achieving organisation goals & improvement
- Ability to create value for both organisation & its suppliers by optimisation of cost & resources
An audit will make sure your company is watertight when it comes to security or let your company know where it needs to improve based on but not limited to the 3 pillars of information security outlined below:
Confidentiality: Protection of information that is in any form, while in storage, processing or transport from being available to any organisation/ person that is not authorised by its own to have it.
Integrity: ensure information is accurate & complete in storage & transport, that its is correctly processed & that it has not been modified in any unauthorised way. Also establish the integrity of the networks & systems that we connect to & ensure they do what they intend to do.
Availability: Ensure information is available to those who are authorirised to have it, when & where they should have it.