AUDIT

Formal process for evaluating adherence to laws, regulations or policies of reference.

This analysis is carried out through a random sampling technique in compliance with ISO 1911:2012 and ISACA requirements then, providing evidence of compliance or non-compliance with the requirements.

There can be First (internal audits) and Second audits (for auditing suppliers or clients). Third Party Audits can be carried out in cooperation with Accredited Bodies providing internationally recognized certifications.

Our services Audit

First and second party audit

We can perform first and second party audits on the following schemes:

ISO/IEC 27001-Information Security

ISO/IEC 20000– It Service Management

ISO 22301– Business Continuity

ISO 9001– Quality

ISO 28000– Supply chain management

PCI DSS– Security of Payment card data

Cyber Security– to assess the Organization’s risk exposure

Privacy– to assess the level of compliance with law

Third Party Audits

We collaborate closely with the main certification bodies for Information Security Management Systems, Business Continuity and IT Service Management, also as auditors. Depending on the needs of the customer we manage the relationship with the entities for the contracting and planning of activities.

PCI DSS Compliance Audit

We perform PCI DSS compliance audits as defined by the PCI Council:

Audit Level 1 – Completion of RoC and AoC attestation of compliance – Audit Level 1
Audit Level 2 – Completion of Self Assessment Questionnaire with attestation of compliance via AoC signed by a QSA

ASV Scan – as per requirement 11.2.2.

Learn more about our services

Gerico Security Learn more about our consulting proposal
Gerico Security Discover our training offer
Gerico Security Learn more about our audit activities
Gerico Security Discover the benefits of a cybersecurity inspection

Our ``out of the box`` approach will be a winner for you

You can call us at +393496847531 to get to know us better