IT Security Compliance, Risk & Audit Solutions

Security Assessment Risk Assessment IT Security Audit Penetration Testing Social Engineering Application Testing Policy Management Security Training

Products

Regulatory Compliance Software – TraceCompliance Manager Risk Management Software – Trace Risk Manager IT Audit Management Software – Trace IT Audit Manager Compliance Monitoring Software – TraceComply Vulnerability Scanner – TraceAssess Policy Management Software – TracePolicy Training Software – TraceTrain Security Compliance Tools

Secure Communications – TraceTunnel Site Authentication – TraceAssure Multi-Factor Authentication – TraceAuthenticate

Industries

Credit Union Banking General Business / Retail Education Government Healthcare Electric Power

Resource / Media Center

In the News Events Webcasts Educational Articles Customer Successes Whitepapers Press Releases Video Testimonials Security Awareness Toolkit

Company

Overview Management Board Contact Us Partners Careers Support

IT Security Compliance regulations and guidelines (GLBA, NCUA, FFIEC, HIPAA, etc.) require an organization to conduct independent audits of its Information Security Program. An IT Security Audit will compare the organization’s current security controls to the standards established by the FFIEC or Best Practices based on international standards such as ISO 27001, COBIT 4, etc. The process includes procedures to collect and examine data and practices which impact the effectiveness of the security program, and to help identify deficiency causes. Additionally, the examination process includes the ability to archive support data used to support audit conclusions with clear audit trails.

The TraceSecurity IT Security Audit process will help the organization evaluate the utility of and adherence to your organization's Information Security Policy controls. The entire Audit process is managed through the TraceSecurity IT Audit Manager that automates the process and provides a foundation for future IT Security Audits.

TraceSecurity IT Security Audit review includes the following:

Authentication and Access Controls
Network Security
Host Security
User Equipment Security (e.g.: workstation, laptop, handheld)
Physical Security
Personnel Security
Application Security
Software Development and Acquisition
Business Continuity - Security
Service Provider Oversight - Security
Encryption
Data Security
Security Monitoring

Ongoing IT Security Audit Process

Because organizations are constantly evolving, the IT Security Audit should be a continuous process. However, using third-party vendors to perform the necessary audits may not fit within the organization’s budget. The organization may turn to its own personnel to keep its IT Audit up-to-date, but this approach usually puts a strain on key personnel’s time.

TraceSecurity has developed its IT Audit Manager solution that automates the IT Security Audit process to enable an organization to efficiently perform its own, on-demand IT Security Audit in a cost effective manner. IT Audit Manager is a Software-as-a-service (SaaS) solution that eliminates the need to install or maintain the software on the organizations systems. IT Audit Manager provides a seamless transition from the TraceSecurity IT Security Audit to an in-house managed IT Audit program. IT Audit Manager is included with TraceSecurity’s comprehensive IT Security Audit Solutions. TraceSecurity also provides Service Only options and IT Audit Manager as a stand-alone offering. To learn more about IT Audit Manager, click here.

Ongoing IT Security Audit Process

White Papers

Related Solutions