This audit begins with a document review based on, for example, Quality Assurance Plans, Security Assurance Plans, PSSI, architecture diagrams, administration and operating procedures, Business Continuity Plans, Disaster Recovery Plans, analysis of strategies, management of Maintenance in Operational and Security Conditions.

In addition, evidence will be collected to complete this literature review.
Secondly, interviews are conducted with the teams concerned to provide context where necessary, in addition to verifying compliance with the documentary elements.

Eventually, Synetis teams can alsoidentify compromise routes (technical vulnerabilities) against the organization’s IS.