What Is It?

A Security Audit is designed to audit and document:

• A company's physical information technology infrastructure security, including laptops, desktops, servers, routers etc.;
• A company's systems and applications security; and
• A company's IT security policies and practices

with a view to making recommendations ranging from strategic to tactical, for improvement. The Audit will cost the recommendations made and will provide a framework implementation plan.

Who Is It For?

A Security Audit is a suitable consulting package for virtually any small business regardless of its stage.

Deliverables

A Security Audit will produce a Security Audit Report. The Report will make recommendations on actions to improve the security of your network infrastructure.

Expected Business Results

Expected business results will be quantified in terms of levels of security, and are mapped against cost/benefit and potential outcomes including reputational risk, operational risk, and legal risk.

Time Commitment

You should be prepared to give 20-30 hours of your or your staff's time to allow us to obtain the information necessary to undertake the review.

Length Of Engagement

The process will take about 4-6 weeks for the production of the report, with regular engagement intervals in the following 12 - 18 months to assist you in managing the change process and quantifying business results.

Follow Up Actions

It will be the client's responsibility to act on the recommendations contained in the Security Audit Report.

Monitoring Schedule

Clients must agree to a regular 6 month monitoring schedule over the course of 2 years.

Consultant Profile

SBDCTAP currently has 1 IT consultant who can provide this service. Further details will be provided on request.

How Do I Get The Service?

SBDCTAP clients must be referred into the SBDCTAP program via a local Small Business Development Center. You can sign up here.