Summary
This document is a guide detailing the security audit and review service offering provided by the organization. It outlines a systematic approach to assessing an organization's information system against an audit checklist that includes industry best practices, external standards, and regulatory requirements. The guide describes the process of conducting Cyber Essentials pre-certification audits, reviews, and gap analysis. It emphasizes the importance of evaluating existing cybersecurity policies and procedures, providing recommendations for improvements, and ensuring compliance with NCSC standards. The document also presents key service features such as conducting thorough security assessments, developing audit plans, and providing independent insights into operational efficiencies. Furthermore, it highlights the objective of assisting organizations in maintaining compliance and improving their information security posture through continuous improvement and adherence to statutory requirements.
