IT Audit

Our IT Audits specialization:

Through our networking, we have ready access to subject matter experts or auditors with numerous experience conducting General IT Audits, Cybersecurity Audits, Risk assessment and Information Security Management System (ISMS) ISO27001 audit and ITIL.

Our consultants are familiar with Essential Cybersecurity Controls ECC-1:2018 issued by the National Cybersecurity Authority of the Kingdom of Saudi Arabia (KSA) and other International Cybersecurity Standards.

Our Methodology

It Audit Methodology

IT General Controls Review

Review the effectiveness of the existing IT general controls including IT governance over the applications and Files:

  • Governance, Risk and Compliance (based on Global Technology
    Audit Guide, GTAG, or other similar standards).
  • Framework of Responsibilities (Security Management, Security Administration, Data Owners, System Owners, System Providers, Procedures Owners, etc.)
  • Logical Access Security Management
  • Change Management
  • Computer operations
  • Physical security management

Infrastructure and Network Security Review

Review the Operating Systems, Databases and Network Devices that support the systems in scope:

a) Network Security Governance and Architecture Review

b) Technical Review of Network Security Configurations:

  • Firewall and Router Configuration Review
  • Host Server Logical Security Review
  • Network penetration testing (including external integration points)
  • Vulnerability scanning and assessment, external and internal
  • Phishing email testing
  • Security controls efficacy and gap analysis (against a specific standard ISO27001/2, PCI, COBIT)
  • Cybersecurity Benchmarks with local, regional & global peers

c) Information Security and Cloud policy.

Disaster Recovery Plan (DRP):

Review DRP with adequate disaster recovery arrangements and alignment to Business Continuity Plan (BCP) including Cloud data protection.

Project Management:

Review projects and system development lifecycle.

Installation Management:

  • System software and technical support
  • Hardware management
  • Service Level Agreements with 3rd party service providers
  • Procurement of Hardware and software

Let's work together

We invite you to embark on a transformative journey with Appleberry Consulting. Let us be your partner in driving growth, mitigating risks, and shaping a prosperous future for your organization. Contact us today to explore how we can collaborate to take your business to new heights.