Information Security Audit is part of the IT management process, closely related to the risk assessment of the information systems.
Such audit helps you with:
- Assessment of the process efficiency that take place in your organization;
- Identification of risk factors in your company;
- Suggestions for corrective and preventive actions to ensure the effective functioning of the applications and systems in your organization.
The results of the conducted IT audits would help each organization to identify weaknesses in the information systems & data and also to identify short-term and long-term goals for improving its IT processes and infrastructure in order to effectively and efficiently achieve its business objectives.
The IT audit process is built to assess the effectiveness of implemented organizational processes, procedures and controls to protect information assets.
LIREX information system audits may include:
- Server infrastructure
- Virtual infrastructure
- Network infrastructure
- Operating systems and applications
- Staff and information
- Security of IT systems and data (IT Security)
- IT Management Processes (ITSM)
- Business Continuity and Disaster Recovery processes
- Risk Management
As a variety of audits, the company performs and GAP analysis, that aims at performing controls, observations, and audits to determine how their systems, processes, procedures comply with certain requirements dictated by standards and regulations including ISO 27001, ISO 20000, ISO 9001, PCI-DSS, GDPR and others.
Typically GAP analyzes are performed as an initial phase in the project implementation for building and deploying systems of different types, giving an overview of organizations where they are located and what measures they need to take to meet the required requirements.
LIREX is the only organization in Bulgaria, which is certified according to ISO 9001 and ISO 27001 for information systems auditing. LIREX's audit team consists of experts with more than 10 years of experience in the field of audit and information systems management and information security. A wide range of internationally recognized certifications such as supports the expertise of the Lirex team: CISA, ISO 27001 Lead Auditor, ITIL, CCIE Security, MCSE Security, Security +, SCSE, INFOSEC, CobiT, CEH, CPTE and many others. In practice certificates for security management, IT services and quality proved that LIREX has systematic, repeatable, structured approach for the implementation of projects related to the audit of information systems. In this way, LIREX guarantees its customers high quality of the information systems audit services.