Stratsec
Skip to content
Skip to main menu
About Us
stratsec and BAE Systems
Accreditations
Clients
Executive Management
Awards
The Merger of stratsec & SIFT
Philanthropy
Services
Technical Services
Common Criteria
Digital Forensics
Enterprise Security Architecture
Penetration Testing
Governance Services
I-RAP & ISM
ICT Audit & Compliance
Identity & Access Management
ISO27001
PCI DSS
PKI & Gatekeeper
Security Strategy
Threat & Risk Assessments
Other Services
Intelligence
Physical Security
The stratsec Cyber Academy
Industries
Banking & Financial Services
Critical Infrastructure
Defence & National Security
Government
Health & Human Services
Information & Communications Technologies
Mining & Resources
Telecommunications
Research
Newsletter Archive
Speaking Engagements
Publications
Tools
Advisories
Careers
News
Events
CTO Blog
Technical Blog
Media Appearances
Contact
Search for
ICT Audit & Compliance
At stratsec we provide IT audit and assessment services for government agencies and commercial organisations.
Our consultants have extensive experience in conducting compliance audits of ICT and non-ICT assets using a variety of tools and approaches depending upon the type of audit or assessment required by our clients.
We have been involved in several, large strategic security planning projects with major Australian government agencies over an extended period of time.
stratsec
has always approached these projects in a methodical manner; ensuring engagement with all relevant stakeholders through a variety of contact techniques, reporting regularly through a project team lead by a senior consultant. The core business of
stratsec
is to provide documented business led ICT solutions which meet Australian and international standards.
The
stratsec
methodology for the conduct of IT audits and assessments has been developed to be consistent with the Information Systems Audit and Control Association requirements and customised for relevant regional government security standards.
stratsec
has adopted ISACA standards, guidelines and procedures to ensure:
consistency of IT audit activities (benchmarking),
repeatability, and
reproducibility of results.
Combined with our experience is a heightened awareness of security and related information security management issues; particularly in the global context. This enables our consultants to devise and deliver the most current and effective assessments and strategies that are closely aligned with the business objectives and risk profiles of our clients.
A fundamental element of conducting compliance assessments is that of reporting. We have extensive experience in developing compliance and audit reports for Board Audit Committees of government agencies and ASX 200 companies; as well as internal reporting for executive business and IT management providing both business and technical level analysis.
The
stratsec
assessment process is always performed with extensive communications with our client. These processes are often coupled with the development of a set of detailed and actionable recommendations for achieving the level of compliance or process maturity desired by our client organisation.
We take a phased approach to IT audits and assessments to ensure that our clients have a level of control, with regular and suitable touch-points in the process to make key decisions and be aware of potential high exposures and risks that must be addressed. Our expertise lies in the identification of areas requiring improvement and then specifying prioritised measures to address areas of concern.
Customised ICT Audit & Compliance solutions for government agencies and commercial organisations
Our Services
Our Industries
Our Research
In this section
Technical Services
Common Criteria
Digital Forensics
Enterprise Security Architecture
Penetration Testing
Governance Services
I-RAP & ISM
ICT Audit & Compliance
Identity & Access Management
ISO27001
PCI DSS
PKI & Gatekeeper
Security Strategy
Threat & Risk Assessments
Other Services
Intelligence
Physical Security
The stratsec Cyber Academy