Active Audit Agency

т: +38(044) 228-15-88


it audit


What is it?

Information system (IS) audit gives an objective evaluation of its current state, and defines level of compliance to required criteria and standards.  IS audit allows to evaluate the protection level of the system and information risks business impact.

Why do you need this?

Regular IS audit is no less important than financial audit, because of negative subsequenses, which may arise from the information security breaches (it could be finacial losses, reputational losses or some kind of fine from regulators, and even total business loss.

IS audit will give you a solution to solve more problems and will answer to the questions about your IT infrastructure:

  • We decided to build brand new IT system. How do we do it in a proper way?
  • Is this IT infrastructure support our business strategy?
  • What are the information risks for us and what is our concern? How to minimize these risks?
  • What do we have to do first of all?
  • How to reduce the costs of ownership when investing to IT?
  • How to use existing IT resources optimally?
  • How to build monitoring and how to control IT infrastructure?
  • What do we have to do when the disaster occur?
  • How our management can get the fresh and actual information about IT statement?
  • Why do we continue to buy new IT equipment and IT staff in learning permanently? Do we really need this?

How is IS audit conducted?

IS audit is conducted this way:

  • System owner should confirm and approve the goals and the content of an audit;
  • Auditors must obtain up-to-date and real information about cussent state of the system or systems;
  • Information should be assessed and compliance to audit criterias and standards must be established for IS;
  • Results of the assessment and recommendations for system optimization should be provided to the owner;
  • Control should be performed on recommendations implementation.

Our proposal

Active Audit Agency propose audit services to ensure complaince with the following information security standards: