Information Security Audit

The Reliant Information Security Audit enables you to understand and manage your risk by answering your questions:

  • How secure am I?
  • Where should I be?
  • How do I get there?

How secure am I?

Our detailed technical assessment encompasses a standards based audit, internal and external vulnerability assessment. Specifically a review of the following items is included:

  • Internet Security Policy
  • Information Technology Policies
  • Disaster Recovery / Business Continuity Planning
  • Topology: Internal Architecture and External Connectivity
  • Router / Infrastructure Security
  • Server Security
  • Network Sharing
  • File / Directory Access control lists
  • Account Policies
  • Password Security
  • Workstation Security
  • On-line banking / E-Commerce
  • Encryption, VPN, website connection security
  • Firewall Configuration
  • Firewall Vulnerability Scanning
  • Firewall / Connectivity Exposure
  • Dialup Accessibility Vulnerability
  • Account Management (Local / Wide Area / Remote)
  • Logging activity
  • Internet Service Provider Host Security
  • Physical Security

Where should I be?

You can rely on Reliant’s extensive experience with various security requirements to help prepare you for your review. We can help you understand how to meet financial institution regulatory requirements (OCC, FFIEC, FDIC, NCUA, GLB, and State), healthcare (HIPAA and GLB) and industry standard requirements (COBiT, ISO 27002, NIST 800-53 and others).

How do I get there?

Mapping the assessment of your existing infrastructure and systems against standards is only half the battle. The resulting report details what is needed to satisfy each of the requirements of the assessment and how to accomplish each of the steps. Our recommendations are practical and specific, shortening the time and expense you devote to remediation. Our final report is often used as a step-by-step working document to correct any control concerns. Please ask us for a sample report to see if it meets the needs of your organization.