NSS offers a complete on- site IT security assessment, covering all areas of computer security, including physical access, password security, policies and procedures and more. The NSS audit follows industry standard best practices and is structured around the requirements of Federal, State and local regulations, including the international standard ISO17799/27002 for Information Security. The systems and control measures examined include:

  1. Business Continuity Planning
  2. Systems Access Control
  3. System Development and Maintenance
  4. Physical and Environmental Security
  5. Compliance
  6. Personnel Security
  7. Security Organization
  8. Computer and Network Management
  9. Asset Classification and Control
  10. Security Policy

For Financial Industry Audits, NSS also reviews the following systems and control measures for industry specific compliance

  1. Review IT related vendor contracts and insurance policies to determine adequacy of coverage regarding IT assets
  2. Existing support for vendor and risk management
  3. Wireless assets and controls
  4. Patch management implementation
  5. Compliance with GLBA/FDIC Title 12, Part 364, Appendix B

The audit includes:

  • Identify and catalog all IT assets.
  • Evaluate security threats and risks, both physical and electronic
  • Quantify risks and project effects
  • Suggest remediation of any problems
  • Suggest changes to current IT Security Policy and Risk Assessment
  • Written report with summary letter to Board of Directors

The NSS IT/EDP Security Audit is the quickest, least expensive way to make sure that your IT network and all valuable client and company data is secure against threats, both today and tomorrow.