Share :
Objectives of an organizational and physical audit
During organizational and physical audits, the Synetis auditor will carry out an analysis of the policies and procedures (internal or external) defined by your organization in order to verify their compliance with the security requirements you have expressed. Synetis can of course help you define these needs.
In a first phase, a documentary analysis is carried out, which is then supplemented by interviews with the employees concerned. Finally, technical samples may be taken to obtain audit evidence.
Beyond computer intrusion, hackers are today able to carry out physical intrusions, thus directly affecting the heart of their victims’ information system. From badge cloning to lockpicking, attackers have an offensive arsenal at their disposal that can put corporate security systems to the test.
This audit is characterized in particular by an on-site audit to verify the procedures and their correct application. Synetis listeners can also perform physical intrusion tests aimed at simulating an attacker’s point of view in the most realistic way.
Audit methodology can be based on ISO 27002, ANSSI recommendations, II901, etc.