Knowledge | News | Careers | Contact us

Assurance services

I-RAP & ICT audit

Gain assurance in the security of your ICT systems. stratsec consultants conduct independent ICT security audits and DSD I-RAP certifications for clients.  Our aim is to provide pragmatic assessments of security for our clients through our expertise in ICT security systems.

stratsec performs security audits of IT and non-IT assets using a variety of tools and approaches depending upon the type of audit required by our clients.  We have a number of DSD endorsed infosec registered assessors (I-RAP) and certified information system auditors (CISA) on our team.

Our methodology for the conduct of security audits has been developed to be consistent with the Information Systems Audit and Control Association requirements and customised for Australian Government security standards. stratsec has adopted ISACA standards, guidelines and procedures to ensure:

  • Consistency of audit activities
  • Repeatability fo audit activities
  • Reproducibility of audit results

We use a structured approach to all audit activities comprising three phases:


  • Phase One: Review – The phase in which the scope and boundary for the target of the audit activity are defined and evidence is gathered and analysed in accordance with the audit plan.
  • Phase Two: Findings – The phase in which the interim findings are published for stakeholder comment, the report is finalised and any actions agreed to address audit findings.
  • Phase Three: Follow-up – The phase in which the audit team reviews the actions taken for resolution of audit findings and the audit activity is closed.

 

For information on stratsec I-RAP & IT auditing services, contact us at info@stratsec.net