This service, though underrated, is as important as the business itself. The key aspects of this service includes the review of :
- An overall review of the IT environment, the number of users, servers, work stations, offices connected to an Head office etc. This is done in order to establish the level of technological complexity of the business.
- Logical Access Controls e.g. do the right people have the right access to computing resources as well confidential data?
- Change Management-encompassing a through review of the process of making changes in the applications.
- General Controls entailing a review of Physical Access to Data Center, data recovery and back etc.
- Application Controls to ensure whether the application is accessible to the right personnel & is functioning as designed.