High Level Cyber Audit

Organisations in breach of GDPR can be fined up to 4% of annual global turnover or €20 Million (whichever is greater). You can't hold firewalls and intrusion detection systems accountable. You can only hold people accountable. — Daryl White, DOI CIO

A structured review designed to highlight any gaps between the current reality of an organisations information security capability and recommended industry standards. It is conducted as a questionnaire and interview-based audit which covers two broad areas:

  • Business, Operations Information Security

  • Technical Security

CSA produce a report which includes a maturity level rating with recommendations on how the organisation can improve in each area.

The audit covers the following topics:

  • Leadership and Governance

  • Information Security Strategy

  • Information Security Policy and Objectives

  • Roles and Responsibilities

  • Data Protection and Management

  • Information Security Incident Management

  • Cyber Risk

  • Physical and Environmental Security

  • Human Resource Security

  • Business Continuity & Disaster Recovery

  • Patching and Vulnerability Management

  • Handling of Information Assets

  • Access Control and Data Classification

CSA offer follow on consultancy services after the High-Level Security Review to help implement some or all the recommended actions such as: