Two men working on a paper

Auditing Services

Slingshot provides a range of auditing services based on accepted methodologies and practices, to ensure its clients continue to fully comply with all relevant local and international standards and regulations. The company regularly updates itself on new requirements that come into effect in all its clients’ areas of operation: finance...

Information Security Audits

The types of information security audits performed by Slingshot, and the main issues they cover, are listed below:

  • Information security regime organizational structure, roles and responsibilities, decision making processes, information security policy and compliance with standards and regulations.

  • Information security risk management – covering, among others, risk identification and assessment, risk mitigation measures, monitoring, reporting. 

  • Handling cyber threats both internal and external threats, the actions of the response team, response timeframe.

  • Information security technologies – hardware hardening, software, network security (including firewalls, router and server configurations and more).

  • Mobile devices security means and measures implemented to secure activity on mobile devices.

  • Confidentiality – pertaining to personal information and databases.

  • User and authorization management levels of user authorizations, access to sensitive data on a need-to-know basis.

  • Information security in software development – to verify that appropriate security measures are implemented during the entire application development process, to avoid exposing the organization to risks.     

  • Backup and recovery – to ensure that backups are stored safely and cannot be accessed by unauthorized parties, and that the organization is capable of meeting its defined RPO and RTO.

  • Incident handling – the handling of incidents that potentially compromise the organization’s information security. 

  • Database security – verifying that databases cannot by accessed by unauthorized parties.

  • Providers’ Information security level – to ensure that the client’s providers maintain a level of security that does not compromise its own operation.

Business Continuity Audits

The business continuity audits performed by Slingshot include any or all of the following:

  • Business continuity regime – covering the organizational structure, roles and responsibilities, decision making processes, business continuity policy and compliance with standards and regulations.

  • Compatibility of the BIA with the services offered – to ensure that the BIA is up to date in terms of implications on all the services provided by the organization to its clients.

  • Emergency response – covering the actions to be implemented in the event of emergencies, and their ability to effectively overcome the crisis and resume operation with minimal delay. 

  • Manpower preparedness – to ensure that the manpower responsible for implementing the business continuity program are familiar with the business continuity plan in general, and with their respective tasks in particular.

IT Management Audits

The IT management audits cover the following elements:

  • IT management regime. 

  • Services portfolio management.

  • Compliance with regulatory requirements and standards.

IT Risk Management Audits

Slingshot performs IT risk management audits for specific divisions and departments, as well as for the organization as a whole. The audits cover:

  • Risk identification – to ensure all risks potentially faced by the organization are mapped.

  • The development and testing processes.

  • Availability and capacity management.

  • Modifications management.

  • Configuration management.

  • Operations management.

  • Event management.

  • Monitoring and control.

  • Backup and data storage.

Get in touch with us