Assessment & Audit

Creating a secure organization requires access to highly specialized knowledge and intelligence to remain ahead of evolving risks. Has your business ever reviewed its information systems, networks, or security processes and practices – looking deeply at operating procedures, back-up protocols, password management, user management or development procedures? Are you facing challenges raised by a higher-level audit, the need to meet a regulatory requirement, or concerned about the manageability of your organization’s information security?

Thinking About an IT Security Evaluation?

If so, you need an expert, unbiased assessment that details the strengths and vulnerabilities of your security technology. Dev-Byrne & Company offers a wide range of network security services designed to meet your specific needs. Our information security assessments and audits identify where improvements can be made and the steps needed to accomplish them.

We follow ISO 27001 information security management standards, focusing on your systems, networks, processes and practices. Through observation, inspection, and interview, our experts validate if your organizations policies, practices, and technology are adequate.

An Approach Backed by Experience

Choosing an information security firm with certified staff is critical. In addition to being certified, our experts have worked in the security field for decades, implementing and supporting technology for small, medium, and enterprise clients. In addition to conducting assessments and audits, members of our team have spearheaded security projects for Fortune 100 entities.

Our approach to information security reviews involves observation, inspection and interview. We conduct system and software testing, interrogating logs and other records as required.

A Customized Assessment

Our assessments and audits follow established criteria and are customized to your specific environment. Elements of our evaluations include, but are not limited to:

  • Identifying the potential source of the threat (whether from internal users or the public Internet)
  • Measuring the likelihood of exploitation (have other organizations suffered intrusions because of this exposure?)
  • Quantifying the cost of an exposure
  • Recommendation and actions to fix problems and identified risks
  • Examination of potential legal liability
  • Assessment of the risk of service interruption

A Powerful Security Evaluation

Our goal is to complete your evaluation within 2-3 weeks. Times may vary depending on network size and complexity. We will work to:

  • Define and agree on the scope and objectives of the assessment or audit
  • Identify the appropriate people and locations and establish a firm time frame for completion (depending on scope and complexity, time frames may vary)
  • Conduct documentation reviews and other necessary research
  • Conduct inspections and interviews as needed
  • Document preliminary findings and reporting
  • Produce final reports (notifying you whether your security controls are – strong, adequate or weak)
  • Deliver final report and recommendations