Internal Security Audit

IT staff and business owners must stay ahead of increasing threats by hackers and insiders.

Internal Security Audit

The Problem: Controls Are Not Followed or Updated for New Threats

Most organizations now have security procedures and policies in place. One critical factor in the success of the security procedures and policies is how well they are being followed. Another critical factor is how often they are updated to cover new technologies and threats. Some of the reasons internal security must be regularly updated are:

• New threats are identified and new technologies created all the time
• Privacy laws exist in 50 countries and new laws are being created
• Data lost to employees can be just as damaging as data lost to outside hackers
• Mobile devices and social media are growing avenues for hacker access
• It takes one year to restore an organization’s reputation after a data breach¹
• The average loss in brand value after a breach is hundreds of millions¹

The Solution: Mercury Group Uganda Internal Security Audit

MGU’s Internal Security Audit is designed to identify data security and privacy risks and weak policies and controls. The audit is conducted both on- and off-site and covers a broad range of security checkpoints, including a review of the Active Directory, network security, data security, data access, hardened passwords, security polices, PC policies, server policies, and USB drive policies.

Mercury Group Uganda will review your policies and practices and then provide recommendations for the proper courses of action for any required improvements or additions.

1. “Fortifying your defenses – The role of internal audit in assuring data security and privacy,” PriceWaterhouseCoopers LLC, http://www.pwc.com/us/en/risk-assurance-services/publications/internal-audit-assuring-data-security-privacy.jhtml