businesstc.com

IT Systems Security Audit


An IT Systems Security Audit is a technical assessment of your systems and applications.

Manual assessments may include interviewing staff, performing security vulnerability scans, reviewing application and operating system access controls, and analyzing physical access to the systems.

Automated assessments, generated audit reports or using software to monitor and report changes to files and settings on a system. Systems can include personal computers, servers, mainframes, network routers, switches.

We will need to install monitoring software onto all of your computers, laptops and server machines to run automated reports.



Customer details

Address

     

   

Contact details

–  –   


Minimum Security Processes


Internet connection

Internet connection type:   If other, please specify:  

Modem/Router

Login username :  –  Login password :  

LAN IP : – WAN IP:

Is remote admin enabled?  

If so, what port is being used for remote admin?    

Does the password meet the minimum standards?   

 

Recommendation

We recommend you take the following action.  


Wifi Security

Wifi name (SSID):

Wifi password:  

Note: 

WPS

WPS is a button on the modem/router that allows you auto add a device, should always be disabled.

Is WPS Disabled?   

We recommend you take the following action.   

Wifi extenders

If wifi extenders are in  place, do they meet the minimum security standards?


Computers and Mobile Devices
Auditing computers and mobile devices
1. Check all computers and mobile device user accounts
2. Check all user accounts passwords meet minimum password security standards 
3. Check that all mobile devices have a PASSCODE setup to secure the device when it is not being used
 
Do all computers and Mobile devices meet the minimum security standards?
 
We recommend you take the following action.  
 


User level security

Check the security level of each user

Users should have security levels set.

These security levels determine that level of access and control over the computer.

Do all users have the required security level?   

Recommendation

We recommend you take the following action.


CyberSecurity

Each computer requires, Antivirus and Internet security installed and up to date.
Do all Computers and Laptops have up to date Cybersecurity installed?   

Recommendation

We recommend you take the following action. 


Servers

CyberSecurity

Each Server requires, Antivirus and Internet security installed and up to date.
Do all Servers have up to date Cybersecurity installed?    

Are you using a VPN?   

Recommendation

We recommend you take the following action. 


Remote access to Servers
Can the server be accessed remotely?
  
If yes, what type of remote access is being used?
 
If other please specify.
 
Is remote access password protected?
 
Do the passwords meet the minimum security standards?
 

Recommendation

We recommend you take the following action. 


Data protection and back up 
Is your data backed up?   
If yes, how is it backed up?    
Where is it backed up?       

What happens next?

If your IT Systems Security Audit meets the minimum requirements, we will send you a certificate showing your IT Systems Security meet the minimum sercurity requirements at the date of inspection.

If you IT Systems Security Audit does meet the minimum standards we will send you our recommendations to bring your IT Systems Security up to date to meet the minimum requirements. 

Once you have done this we will perform an audit to see if any changes in our recommendation have been carried out and your IT Systems Security meets minimum requirements.

The charges for this is $450.00 ex. GST

Limitation of Liability

In no event shall Commanding Communications PTY LTD trading as Business Technology Centre or any of it’s directors, employees or sub contractors be held liable for indirect, special, incidental or consequential damages arising out of this audit hereunder, including but not limited to loss of profits or revenue, loss of use of equipment, lost data, costs of substitute equipment, or other costs.

Limitation of Audit

The audit details the current situation with regards to your IT Systems Security at the date and time of of audit.  Commanding Communications PTY LTD trading as Business Technology Centre is not responsible and you agree not to hold us responsible for any breach of security after the date and time of the audit.

Keeping your IT Systems Security up to date.

We advise you to carry out the audit at least every 6 months, or when you make any changes to your IT Systems.

Leave this empty:

businesstc.com https://businesstc.com
Signature Certificate
Document name: IT Systems Security Audit
Unique Document ID: 6c59caaacefced5895a253b075b5bc2e28739601
Timestamp Audit
September 20, 2017 8:22 pm AESTIT Systems Security Audit Uploaded by Josh Rushton Rushton - sales@businesstc.com.au IP 101.177.55.26