CommSec’s customers need to ensure that their IT security products, processes and practices are effective, documented and measurable. The methodology employed in conducting our Security Assessments is based on the ISO 27001:2013 Information Security Standard combined with industry best practices and standards published by organisations such as the SANS Institute, the US National Institute of Standards and Technology, the US CERT Coordination Centre and the Centre for Internet Security.
When we undertake a security audit for your business, we examine every aspect of your IT environment and how users and IT administrators work with the IT systems.
At the completion of the audit, we give a comprehensive written report which includes all our key findings and detailed prioritised remediation recommendations.
This can form the basis for strengthening a robust IT security strategy, in line with company risk management and security objectives. We recommend carrying out a security assessment at least annually.