Home |About us | Services| Contact
   
   
  Latest News
     The Romanian Goverment decided on Wednesday, 18 November, the foundation of a national center which will have, among other attributions, the duty to prevent and combat cyber terrorism.  
       
     OUG no. 109/2009 for modification and completion Law no. 571/2003 regarding Fiscal Code published in Romania.s Official Monitor no. 689 13 October 2009 abrogate Law no. 260/2007 regarding recording the commercial operations through electronic resources. (electronic invoice).  
       
     ISACA has released The Risk IT Framework which will enable enterprises to understand and manage all significant IT risk types, building upon the existing risk related components within the current ISACA frameworks, i.e., COBIT and Val IT.  

What types of audits are we conducting?

  • International standards and best practices compliance audits;
  • Local laws and regulations compliance audits;
  • Internal audit outsourcing.

How are we auditing?
Depending on the type of the audit mission, the below individual techniques are selected by the audit team in order to obtain the best concluding results for the analyzed area or process.

  • Interviews, e.g. verbal questioning of nominated employees;
  • Visual inspection of systems, locations, spaces, offices and objects;
  • Observations, e.g. things observed incidentally in the context of the on-site examination;
  • Files analysis, including electronic data;
  • Data analysis, like log files, database evaluations etc;
  • Technical examination, e.g. testing of alarm systems, access control systems, applications etc;
  • Specific questionnaires.

A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines. Independent information security and information technology experts evaluate the strength and thoroughness of compliance preparations. During a compliance audit the reviewers examine areas like security policies and practices, user access controls and risk management procedures. The examined entities will vary depending upon whether an organization is a public or private company, what kind of data it handles and if it transmits or stores sensitive information. The compliance audit can be seen as a three stage process: assessment, remediation, and ongoing compliance. The net result of the assessment phase of a compliance review should include audit results, corrective measures, compliance assurance programs, and training and education specifications. The remediation stage is the normal consequence of an assessment and is accomplished internally (or with supplementary external consultancy).