		About NSA │ Contact
IT Consulting Audit & Compliance Strategic Planning Web Development Telecommunications Software Solutions

Internal Audit

The NSA IT Security Audit process verifies the implementation of IT controls identified by your organization's risk assessment, or relevant regulations, as part of your IT security program for mitigating risk.

Our information technology audits are designed based on regulations and guidance from:

Federal Financial Institutions Examination Council (FFIEC)
Federal Deposit Insurance Corporation (FDIC)
National Credit Union Administration (NCUA)
Industry Best Practices
Office of the Comptroller of the Currency (OCC)
Federal Reserve (FRB)
Office of Thrift Supervision (OTS)

The IT Audit process involves collecting and examining documentation related to the organization's practices and procedures, data related to technological controls, interviews of key personnel, walkthroughs of physical locations, and any other resources that impact the effectiveness of the security program. These resources are leveraged to verify that the existing controls adhere to the organization's risk assessment, best practice standards, and applicable regulatory compliance.

NSA's expert analysts thoroughly document each step of the process in order to provide a clear audit trail for compliance reporting. Additionally, our methodology supports the ability to archive critical data to support the audit conclusions while maintaining accurate audit trails.

Some of the services in the NSA IT Security Audit include:

Authentication and Access Controls
Network Security
Host Security
User Equipment Security (e.g.: workstation, laptop, handheld)
Personnel Security
Physical Security
Application Security
Software Development and Acquisition
Business Continuity - Security
Service Provider Oversight - Security
Encryption/li>
Data Security
Security Monitoring

NSA Information Security Analysts (ISA) conduct the independent verification by reviewing the relevant documentation and performing interviews/walkthroughs.

Documentation includes the policies, procedures and checklists that define and/or support the IT controls. The interviews and walkthroughs, which are conducted with key personnel from the organization, are performed to validate adherence to the documented policies & procedures, as well as to corroborate the practices described during the interview process.

The IT Audit results are provided in an extensive report containing:

Introduction
Executive Summary
Remediation Action Plan
Detailed Audit Results
Control Descriptions & Verification Procedures
Supporting Documentation

IT Consulting IT Business Support Infrastructure Development IT Planning IT Project Management Network Design Virtualization Energy Usage	Audit & Compliance Regulatory Compliance Information Security Internal Audit Risk Assessment Policy & Procedures ISO/HIPPA Development & Analysis Security	Strategic Planning Business Continuity Strategic Analysis Business Planning Disaster Recovery Research & Development Remediation & Managed Services Software Solutions Database Design & Development Custom Software Development Web Development Mobile & SMS Applications	Telecommunications Telecom Development Managed Services Onsite VOIP The Cloud Internet Wireless Mobile Solutions	Web Development E-commerce Online Marketing SEO Social Media Mobile Development Hosting Brand Management Intranet Solutions	About NSA Our Team Mission Statement Careers Contact Us Sales Customer Support FAQ Privacy and Terms Privacy Privacy Terms
2013 © Network Security Associates. All Rights Reserved.