	RISK COMPLIANCE SECURITY
Solutions CorrelatedVM™ DEA EPCS Financial Healthcare Mobile Retail Technology Services Services Overview Strategic Security Services Vulnerability Management Risk Analysis PCI DSS / PA-DSS IT Audit Healthcare / DEA EPCS Application Security Network/Infrastructure Security Penetration Testing News NetSPI In The News Events Press Releases Resources White Papers Case Studies Presentations Webinars Company Why NetSPI Management Our Approach Certifications Partners Careers Contact Blog

Services

Information Technology Audit

With technology being integrated into every aspect of an organization's processes and technology, the need for IT Auditors that understand practical security controls has never been higher. Our consultants have a deep level of understanding of audit including traditional audit frameworks such as COBIT, while at the same time, have several years of experience in information security with frameworks such as ISO, NIST, PCI DSS, PA-DSS, and HITRUST CSF. This uniquely positions NetSPI with the ability to not only provide simple audits, but work with organization's IT and information security governance teams in helping design controls that not only meet stated requirements, but are also practical.

Internal IT Audit Services

In order to supplement Internal Audit's own expertise in the area of IT Audit, NetSPI will assist by providing the security, technology, and security framework expertise to the internal team. Most often NetSPI will work cooperatively with internal auditors and conduct audits on behalf or as part of the internal audit. This level of involvement not only provides a virtually seamless transition but also provides effective training opportunities for the continued education and development of internal resources.

Third-Party Audit Services

When an independent opinion is necessary NetSPI can perform a comprehensive audit of any single entity, ranging from a specific application or business process, a single division, or the entire organization. NetSPI will work closely with key project stakeholders to establish audit guidelines and parameters including any regulatory requirements that may be appropriate. With the audit requirements established, NetSPI will conduct on-site and off-site work as appropriate and will deliver a report of the audit findings. The report includes a prioritized matrix of findings as well as the justification as to why each finding was included in the report.

Regulatory Audit Services

NetSPI's unique experience with multiple regulatory standards allows NetSPI to perform targeted audits against specific requirements such as PCI, HIPAA, HITECH, HITRUST CSF, NIST, and ISO. NetSPI can customize audits to target third-party contracts or internal teams or systems, depending on the need of the organization.

Data Center Controls Review

NetSPI does a detailed review of all controls in place for a data center, including such items as physical access control, logon/logoff, backup procedures, hardware maintenance, problem reporting and escalation, assigned responsibilities to back up someone who is unavailable, audit logging, and documentation for all procedures.

Why Choose NetSPI

Read about NetSPI's unique combination of advantages.

Contact NetSPI

NetSPI's Audit Services

When you are working toward compliance with a standard like PCI or using a framework like HITRUST CSF, you want a partner who not only has the right credentials but who also knows the ropes. NetSPI has the relevant credentials, along with a deep knowledge of what the particular standard really means. NetSPI also brings to these audit and compliance projects our own custom-developed program guides and tools, which help you get through the process as efficiently as possible.