Carry out a qualitative General IT Controls audit
The General IT Controls (GITC) audit includes numerous, diversified verifications and tests. This audit is particularly recommended in the context of a company buyout and may be a regulatory requirement depending on your type of organization. You can count on the help of our MS Solutions experts to perform it successfully.
Why perform a GITC audit and entrust it to an external partner?
The GITC audit consists of evaluating the general controls of an organization’s information technology, in order to confirm the effectiveness of the protection mechanisms in place, and their robustness to any incidents that may occur.
- The results of the tests performed on these controls are then presented to the organization’s governance in a pictorial report. Recommendations are issued to prioritize, target and direct improvement opportunities. Experience and objectivity are required to provide an independent view of these controls.
Inclusions with a GITC audit:
The checks and tests performed as part of a GITC audit are numerous and diverse, and include:
- Summary audit of organizational security: governance, risk management, personal awareness and insurance
- Summary audit of the security of public assets: website management, DNS management, social media management
- Summary audit of external network security: documentation, security perimeter and remote access
- Summary audit of physical security: physical access, server room and communications room
- Summary audit of internal network security: documentation, system obsolescence, antivirus, password management, accounting software
- Summary audit of operational security: robustness of systems, backup management
MS Solutions is committed to providing you with a comprehensive report, with recommendations and evidence.
The process for a GITC audit:
The methodology that we recommend for the successful realization of a GITC audit is adapted to the size and reality of each organization. We are present from the planning of the audit, right through to the presentation of a detailed report based on data collected and analysis of your IT systems. The following steps are included.
Our experts will meet with the people in your organization who will be involved in the project, so we can plan it together. All stakeholders will be identified and contacted.
Our experts will undertake the collection of all required information, by accessing the IT environment, governance documentation, and targeted information assets.
Our experts will continue the audit with verification and testing of the following six major controls:
- Organizational security
- Security of public assets
- External network security
- Physical security
- Internal network security
- Operational security
The report will present the results of the various analyses performed, as well as the findings from throughout the audit. The report will detail all the issues raised by our experts, as well as a series of recommendations to improve your security posture.
You will receive an illustrated report to simplify understanding. Recommendations will be issued in order to prioritize, target and direct improvement opportunities.
Our Commitment
Our team of experienced technicians will help you solve your IT issues efficiently, and allow you to focus on your growth.
Yves Coté
Partner, Vice President of Operations
News from the IT world
MS Solutions celebrates its 35th anniversary: An adventure of innovation and growth
In 2024, MS Solutions celebrates its 35th anniversary, marking a journey full of challenges, successes and transformations. Since its founding in 1989 by Mario Chabot, under the name Microservice Québec…
Azure Files: Cloud storage guide and pricing
Découvrez Azure Files, une solution de stockage cloud gérée, sécurisée et sans serveur offerte par Microsoft. Ce service permet la création et la gestion de partages de fichiers en utilisant…
Microsoft 365: Reduce your mental load at work
This article does not claim to revolutionize mental health at work. Mental workload is a complex subject that requires comprehensive and personalized support. However, everyday tools, like those presented in…
Optimize your productivity with Copilot training for M365
Copilot for Microsoft 365 is a revolutionary tool, powered by cutting-edge artificial intelligence (AI), that integrates directly into your Microsoft ecosystem. Imagine having an intelligent assistant at your side, accessible…
New Microsoft Teams: A redesigned collaboration experience
Microsoft Teams has a new interface and new features, providing a smoother and more efficient collaboration experience. This major update, called New Teams, gradually replaces the classic version of the…
MS Solutions talks about cybersecurity & new cyber risk trends in Business
The Journal Les Affaires published on October 12, 2023 a report on cybersecurity featuring Bernard Després, Partner, Security and Audit Practice Director at MS Solutions, who talks to us about…