Home   >   Services   >   ISMS - Security and Value of Information   >   Supporting IT Auditing and IS Auditing

Supporting IT Auditing and IS Auditing

German law on control and transparency in the corporate sector (KonTraG) requires corporations to provide appropriate risk management and internal auditing. Inherently, every kind of enterprise is interested in identifying risks as early as possible to forestall security incidents and prevent damage to the company. Hence internal auditing procedures are indispensable to assess the efficacy of risk management and control systems. Both, IT and IS auditing play an important role for companies as an independent monitoring source.

Information security auditing embodies a vital component of any successful information security management system by evaluating the effectiveness and completeness of IT security procedures at regular intervals. The focus lies on assessing the design, operation or utilisation of information technology. In this connection, the examination services of IT and IS auditing have to be performed in a complex and dynamic field. This requires interdisciplinary knowledge, which staff members do not as a rule have in all areas of IT security. Lack of expertise poses a risk of not being able to identify and cover all relevant checks.

Due to the increasing number and complexity of issues to be inspected, auditing departments and auditors likewise face increasing demands. TÜV TRUST IT is there to support you with professional knowledge and a comprehensive portfolio of services.

Your benefits

  • Coverage of all relevant checks of IT auditing and IS auditing
  • Inclusion of your specific auditing requirements
  • The in-depth experience of our auditors
  • Our methodical competence: audits based on officially recognised standards (COBIT®, ITIL®, ISO 270xx, ISO 15504, Federal Office for Information Security – IT-Grundschutz)

  • Certification of our consultants as Certified Information Security Auditors (CISA)
  • Our certification by the Federal Office for Information Security (BSI) as an IT security service provider in the field of IS auditing and consulting
  • Reducing investments in advanced training of your auditors