White paper: Copilot for Microsoft 365,
the optimal adoption journey

Discover
Grab a coffee
Get a quote
Contact
General IT Controls Audit
General IT Controls represent one of the foundations of an organization's internal control. Our IT controls audit evaluates an organization's general controls to confirm the effectiveness of the protection mechanisms in place, and their robustness to any incidents that may occur.
Contact us

Carry out a qualitative General IT Controls audit

The General IT Controls (GITC) audit includes numerous, diversified verifications and tests. This audit is particularly recommended in the context of a company buyout and may be a regulatory requirement depending on your type of organization. You can count on the help of our MS Solutions experts to perform it successfully.

Why perform a GITC audit and entrust it to an external partner?

The GITC audit consists of evaluating the general controls of an organization’s information technology, in order to confirm the effectiveness of the protection mechanisms in place, and their robustness to any incidents that may occur.

  • The results of the tests performed on these controls are then presented to the organization’s governance in a pictorial report. Recommendations are issued to prioritize, target and direct improvement opportunities. Experience and objectivity are required to provide an independent view of these controls.

Inclusions with a GITC audit:

The checks and tests performed as part of a GITC audit are numerous and diverse, and include:

  • Summary audit of organizational security: governance, risk management, personal awareness and insurance
  • Summary audit of the security of public assets: website management, DNS management, social media management
  • Summary audit of external network security: documentation, security perimeter and remote access
  • Summary audit of physical security: physical access, server room and communications room
  • Summary audit of internal network security: documentation, system obsolescence, antivirus, password management, accounting software 
  • Summary audit of operational security: robustness of systems, backup management

MS Solutions is committed to providing you with a comprehensive report, with recommendations and evidence.

The process for a GITC audit:

The methodology that we recommend for the successful realization of a GITC audit is adapted to the size and reality of each organization. We are present from the planning of the audit, right through to the presentation of a detailed report based on data collected and analysis of your IT systems. The following steps are included.

Our experts will meet with the people in your organization who will be involved in the project, so we can plan it together. All stakeholders will be identified and contacted.

Our experts will undertake the collection of all required information, by accessing the IT environment, governance documentation, and targeted information assets.  

Our experts will continue the audit with verification and testing of the following six major controls:

  • Organizational security
  • Security of public assets  
  • External network security 
  • Physical security  
  • Internal network security  
  • Operational security  

The report will present the results of the various analyses performed, as well as the findings from throughout the audit. The report will detail all the issues raised by our experts, as well as a series of recommendations to improve your security posture.

You will receive an illustrated report to simplify understanding. Recommendations will be issued in order to prioritize, target and direct improvement opportunities

Contact us

Our Commitment

Our team of experienced technicians will help you solve your IT issues efficiently, and allow you to focus on your growth.

Yves Coté

Partner, Vice President of Operations

News from the IT world

Contact an expert