Comprehensive IT Audit
Our company is seeking an independent, thorough Information Technology (IT) audit from a qualified external firm. This will be the organization's first comprehensive IT Audit. We currently have minimal internal expertise in formal IT control frameworks and compliance testing. The primary goal of this initial engagement is to establish a clear baseline of the overall health, security posture, and compliance status of our core IT environment. We require an audit partner who can not only assess our current state but also provide clear, prioritized, and actionable guidance. The successful auditor will provide the following outputs upon completion of the engagement: • 1. Detailed IT Audit Report: A formal, written document containing: The scope and methodology used, a clear statement of findings and observations and Risk Rating, Each finding must be assigned a clear severity rating (e.g., Critical, High, Medium, Low). • 2. Prioritized Recommendations: A dedicated section listing specific, actionable steps to address each finding. This list must be ordered by business risk and feasibility. • 3. Policy and Documentation: Provision of documentation (e.g. security policies, incident response procedures) that align with the recommendations, risk register, Risk tolerance and Appetite which we can adapt for immediate implementation. Apply tot his job