Once established, an information system must be audited periodically to ensure that it is performing all the tasks required of it as efficiently and effectively as possible. Growth of the organization, increased volume of business, changes in the business environment, technological changes and newly conceived information requirements all place increased demands on existing information systems and often cause them to be modified or extended on an ad hoc basis.
We have the specialized skills and experience to perform a thorough audit on existing information systems and to recommend changes in design, equipment, software and procedures, to bring them up-to-date and to peak performance.
A typical audit will include:
Introduction |
|
Covers the background of the business, the use of IT and a brief overview of why the system was originally installed. Highlights include any business expectations, formal or informal. If there is a Service Level Agreement, it will be summarized here. |
|
Management Summary |
|
Highlights any issues raised throughout the report with specific references to potential business impact. |
|
System Configuration |
|
A detailed analysis of hardware, software and applications. |
|
Disk Configuration and File System |
|
A full analysis of the current configuration highlighting any improvements that can be made and any existing problems. |
|
System Performance Analysis |
|
Whilst a detailed performance analysis is beyond the scope of a standard audit, data can be gathered over an agreed period (usually one hour) to give a snapshot of current system performance. CPU, Memory and I/O Subsystem performance will be examined and any tuning recommendations made. |
|
Backup and Recovery |
|
Your existing backup strategy will be reviewed to see if all of the system and business data required for a recovery and being properly secured. We will also review the recovery procedures to ensure that data that has been secured can also be restored if required. Recommendations for improving the current backup strategy will be made to help you minimize the risk of data loss. |
|
System Security |
|
The first step in implementing a successful security strategy understands possible exposures and risks. As part of the audit, the system will be tested for a number of known security loopholes to determine how easily an internal or external ‘hacker’ could break your systems security. If any of these loopholes exist, then a simple solution will be recommended. Where a clear security strategy does not already exist, recommendations on how to start formulating a security policy will be made. |
|
Recommendations |
|
Throughout the audit report recommendations will be made as to how the system can be improved. A summary of all recommendations will be made and each recommendation will be assigned a priority (high, medium or low) to help you to plan how to resolve any issues. |
|
Summary |
|
A general statement of the current status of the system, highlighting any business, technical or strategic decisions which need to be made. |
|
Appendices |
|
The appendices will contain the technical information gathered by our Consultants during the preparation of the report. This will help other ‘technical’ people to understand how recommendations were formulated. The main body of the document will, as required, have summary tables based on this information. |
All rights reserved.