IT security consulting – PR-AUDIT Ltd.

Fulfilling the role of Information security officer

Preparing and updating policy concerning information security and IT operation
Accomplishment of legal compliance audits,
Verification of IT systems and their control processes,
Conducting IT risk assessments,
Regular IT security reports for owners, upper management and internal auditors
Information security trainings,
Inspection and handling of security incidents.

Preparation for and accomplishment of IT audits

General controls review (GCR)
Application audits (ASA)
Necessary preparation for obtaining the ISO27001 certificate
Legal compliance audits (in compliance with the Act on Credit Institutions and Financial Enterprises,
Information Security Management Act)
SOX audit
PCI-DSS preparation and audit

IT risk analyses

Identification of critical business processes and their selection for risk analysis,
Identification of security-related weak points of the IT system elements,
Tests concerning the existence and the operational compliance of security controls,
Conformity check of regulations and their application in practice,
Preparation of risk analysis reports.

Preparation and verification of regulatory elements

Information security policy
Information security strategy
User right management procedures
Change-management procedures
Incident-management procedures
Business continuity plans and disaster recovery documents