Case Studies

IT Audit

Introduction:

A manufacturing firm with several offices across the country was concerned about the increasing number of cyber-attacks. They had not conducted a cybersecurity assessment for a long time and wanted to allocate a budget for cybersecurity measures. Therefore, they sought to evaluate their current level of implemented controls and identify new controls needed to mitigate risks. They approached Cybernetic GI to perform a comprehensive IT audit of their infrastructure.

Solution:

  • Initial Consultation: Cybernetic Global Intelligence initiated the project with a kick-off meeting with all stakeholders. In that meeting, CGI experts explained the importance of IT audit and discussed the audit plan.
  • Requested prerequisites: In the kick-off meeting, CGI cyber experts shared the list of documentation required before the start of the audit like network diagram, policies, and procedures.
  • Confirmed the scope: During the kick-off meeting, our experts also confirmed the scope of the audit which was documented in the proposal.
  • Audit Plan: CGI experts discussed the audit plan and got the confirmation about the audit dates and execution approaches.
  • Offsite documentation review: After receiving the prerequisites, our team reviewed the documentation and prepared the audit points.
  • Onsite audit: Onsite audit was conducted as per the schedule. During this audit our team checked all security processes, data center and all branches. IT team was interviewed to understand various processes being followed and not being followed.
  • Remote Assessment: Internal and external VAPT, Web Application PT were performed remotely.
  • Comprehensive Reporting: Detailed reports for onsite IT audit and various assessment activities were prepared and delivered to the client. The report provided thorough recommendations for fixing identified issues.
  • Project Closure: The project was concluded after a final review and sign-off by the senior management.