Presentation
The audit activity is a methodical process, independent and well-documented, which consists in gathering and aggregating objectives facts about your information system.
Generally every audit project is accompanied with a consulting service, as technical as organizational.
This activity can be declined as:
- needs audit, project managing
- existing information system analysis
- inventory, configurations checkup
- risks detection and classifying
- prior actions identification
- security politics study
- ethic charter study
- technical audit:
- Bandwith analysis, streams classification, QoS
- Latency identification et network and applications response time
- Intrusion tests, system audit, security flaws determination
Norms
We assists you with quality norms:
- ISO 27001 : Security Management Policy of the information system
- ISO 17799 / 27002 : Good practices reference
- ISO 13335 : Computer security approach
- ISO 15408 : Commons Criteria
- Mehari method, EBIOS (DCSSI ), ...
