ASSESSMENTS & AUDITS
Information technology assessments generally involve an all-encompassing analysis of the relevant areas of your organization’s systems. Including, but not limited to the policies, procedures, and organizational processes behind them. In other words, the Information technology assessment is a comprehensive look at both your organizational information technology and how it gets used.
While many organizations are obligated to have a regular assessment of their systems for compliance or regulatory purposes (such as a HIPAA or PCI DSS audit), all organizations should perform an IT assessment annually as part of an overall comprehensive information security program.
Each IT assessment is custom-tailored to your unique organizational needs. In general, assessments include hands-on security testing and documentation review. Additionally, we recommend vital personnel procedures that closely examine your:
- Network: architecture, firewalls, routers and rule sets, intrusion detection and preventions.
- Servers & Desktops: security & monitoring, user account and access rights
- Event logging: security and errors
- Back up systems and recovery plans
- Physical Security measures
- Disaster recovery policies and so much more
After the full IT assessment is complete, MacroSEC provides a comprehensive report that details the risk level and a recommended course of any necessary remediation. We then take the time to ensure you fully understand each finding and the recommended course of action. Unlike most other companies, we work with you to perform the remediation if you so choose.