Architecture audit

The architecture audit checks the design consistency of an information system with regard to its security objectives. The auditors assess the relevance and compliance of the technological choices from the point of view of the DICT (Availability, Integrity, Confidentiality and Traceability) in relation to the state of the art, the applicable requirements and the ANSSI guides. The SEC-IT audit team identifies potential weaknesses and makes recommendations that are consistent with the company's business needs and constraints.

Checkpoints include:

  • Flow partitioning
  • Segregation of critical services
  • Hardening of technical components (network, system, middleware, applications and endpoints)
  • System sizing and performance
  • Management of system administration, privileged rights
  • Backup, logs and secure archives
  • Business continuity and disaster recovery

Configuration audit

We control the application of secure configuration standards for:

  • LAN, Wifi, SDWan networks
  • On-premise servers: AD, messaging, databases, file sharing, OS hardening
  • Cloud tenants: Azure, AWS, O365 (Exchange Online, SharePoint, Teams)

Organizational Audit

This audit makes it possible to assess the deviations, vulnerabilities, non-conformities of the company and its cyber security practices in relation to:

  • Regulations (ex: NIS, DORA, GDPR)
  • Normative standards (ex: ISO 27001/27002, ISAE 3402) or security frameworks (ex: NIST)
  • Specific B2B requirements raised by the clients of our clients, or going to their providers

This audit also responds to:

  • The need of improvement the IS security management processes
  • The improvement of the management system (ISMS), for example as part of a Plan-Do-Check-Act (PDCA) cycle

Subcontracting audit

Mastering the supply chain is a major challenge for data security. We carry out the audit of critical suppliers according to the reference system in force in the company: Information policies, customer's contractual requirements, international standards.