ICT Security audit: our ICCM

Our ICCM security audit, an introduction:

You have your car inspected annually. Because you are obliged to do so, but also because you want to drive safely. You can easily estimate the risks of driving an unsafe car. But do you ever consider the risks of a poorly secured office environment? For example, how high is the business loss if the computer systems become flat or business secrets such as customer data or price lists end up on the street? With the ICCM © Audit, the APK for your office environment, you have a quick insight into the security and privacy risks and you can take measures to cover these risks. With the new AVG this APK has now become mandatory for most companies, but it is also very useful; on average we find around 75 security leaks per audit! You may be of the opinion that your IT supplier or system administrator must have arranged security properly. How sure are you of this? How clearly are these responsibilities assigned? Unfortunately, Triple-B consultancy finds few situations in which information security is “properly regulated”. Information security is a specialty. Just as the accountant checks the accountant and the APK station is the independent inspector for your car, Triple-B consultancy checks the status of information security.

The ICCM © Audit is a simple method to give you a quick insight into your security risks. Based on the audit, we advise you on adjustments that you can make to cover the risks and make your IT environment safer. The ICCM © Audit is:

  • set up from the ISO 27000 standard for information security and a self-developed standard system for privacy.
    scans quality criteria such as availability for users, confidentiality, integrity and verifiability
  • benchmarked on the average security level of Dutch companies
  • a practical guide with clear points for improvement
  • a methodology developed by BSM (Business Security Management). Our business partner in the field of cyber crime and fraud prevention, among other things.

The ICCM © Audit is an abbreviation of:

  • Identify (identify leaks)
  • Close (close leaks)
  • Cross Reference (assurance)
  • Maintain (maintain and update)

The final report at the ICCM © Audit is a practical guide for you to design your infrastructure safely and to make responsible choices from products, solutions and design.

Example 1:

The importance of management information about the information systems is high. The rollout of the improvement plan as a result of the ICCM © Audit, the management had gained insight into the copying behavior of the employees. One employee wanted to take over the files before he resigned. However, the deviant behavior was immediately reported. The employee could immediately hand in the copied data and his laptop.

Example 2:

At a large distribution center, management was convinced that the new wireless network was secure. A check by Triple-B Consultancy showed that wireless and direct access to the product and customer database was possible. The report indicated the weaknesses and the corresponding solutions: with a few minor adjustments, the wireless network was indeed secure.

Quickly safe with the ICCM © Audit! • your company data is safe • faster systems • comply with legislation (AVG) • awareness within the company • audit costs often recoup quickly.

Do you want to conduct an IT security audit / IT security audit? Please contact us and we can make a plan together.

Do you want to know more about internal audits? Then read our page about internal audits

Good to know: The physical security (security of access to the buildings and spaces) is part of the ICCM audits, but can also be performed as a separate security scan without the IT / automation side.