There are many organizations that believe that their systems are safe and that employees are following the procedures that management has set out for them. Unfortunately, this is not often the case and management does not realize that things are not quite as they seemed until something goes wrong. By then it is too late and the damage has been done.
Kyte can assist you in identifying control gaps in your systems and procedures by reviewing them and comparing them with best practice so that the risks of something potentially going wrong is mitigated.
Kyte is primarily an IT Audit company and most of our employees are IT auditors by profession backed by numerous certifications, namely CISA, CISM, CISSP, SSCP and ISO27001. We are in a position to assess any system, infrastructure or business process against any set of requirements.
We conduct IT audits on the basis of our client business objectives and obligations by conducting audits to verify and validate that requirements are being met:
For Information Security Standards such as PCI DSS and ISO27001
For clients having obligations to comply with EU directives and legislation such as GDPR, PSD2 and DORA
For regulated entities that require a one-off or periodic audit as part of their license obligations such as Remote Gaming, eMoney and Payment Institutions, Virtual Financial Assets and MiFiD.
We are also in a position to provide our clients with an IT Audit covering general computer controls which can be aligned to any of the above standards or else tailored on the needs of the organization and based on industry best practices.
Our IT audit projects are usually complemented by an Attack and Penetration Test which can be carried out by our specialized testing team.
I do not have an obligation for any IT Audit but I want to know the current security posture of my organization. Do I need to conduct an audit against a standard?
No. We can conduct an audit to cover specific areas of concern. The tests can be tailored specifically for your organization and to provide you with the level of comfort you or the regulator are seeking. However, aligning yourself to a standard is always a good idea.