• +90 212 702 00 00
  • +90 532 281 01 42
  • I info@muayene.co

Private Security Audits

Information technology audit is carried out with the aim of assuring whether the expected benefits are obtained from the infrastructure and processes. These benefits can be listed as follows:

  • To what extent are infrastructure and processes capable of meeting business needs? (Efficacy)
  • How efficient are the resources used? (activity)
  • To what extent is the protection of the confidentiality, integrity and continuity of information assets ensured? (security)
  • Finally, how much legal regulations are being followed on these issues?

The information technology audit to be performed is a separate area of ​​expertise. However, it should not be completely separate from the general audit principles and criteria; In this respect, IT security audits also require a risk-based and objective evidence-based audit process.

Organizational, process and technical controls form the basis of information technology audits. In addition, physical controls that support the protection of information technology infrastructure against security gaps should not be ignored.

In addition to these general principles, it is possible to carry out special security audits depending on the field of activity and service conditions of the enterprises. Many different methods can be used in these inspections. However, each method has different effect criteria in itself. Some critical controllable areas may have different characteristics depending on the activities of Krum. Some areas may also gain importance in certain periods depending on the differentiation of business objectives. What is important is to realize these priorities and prioritize these differences in audit planning.

Different applications and standards can be applied in information technology audits. For example,

·         COBIT (Control Objectives for Information and Related Technology)

·         TS ISO / IEC 27001 Information technology - Security techniques - Information security management systems - Requirements

·         TS ISO / IEC 27002 Information Technology - Security Techniques - Application Principles for Information Security Controls

·         PRINCE (Projects in Controlled Environments)

·         CMMI (Capability Maturity Model Integration, Capacity Maturity Model Integration)

·         ITIL (Information Technology Infrastructure Library)


our organization within the scope of auditing services. In these studies, operates in accordance with the relevant legal regulations, standards published by domestic and foreign organizations and generally accepted audit methods.