Information Technology Security Audit

Description

The Information Technology security audit is a systematic and independent examination in order to reveal whether the IT activities of an institution are in conformity with the relevant international standards (e.g. the stipulations of MSZ ISO/IEC 17799:2006). During the auditing process the effective legal provisions, the recommendations of the public administration IT committee and the security policy of the organization are to be followed as basic requirements. According to the circumstances other requirements and special needs may be added. During the audit of the IT committee the exposure to threat will be analyzed on the basis of the fulfillment of the rules and observances. The auditing activities include the performance of the criteria of functionality, effectiveness, protection of information and reliable operation.