IT Audit

IT Audit

IT Audit

IT Audit helps organizations to understand their technology risks and how to control them -in fact, for contemporary businesses IT Audit is the opportunity to achieve business goals in a rapidly changing technological environment.

TMC LLC offers to its’ customers IT Audit Service contains following proceedings:


Network Perimeter Audit

  • Identity and Access Management Audit
  • Configuration Management
  • Web application audit (OWASP)
  • Perimeter (Network Traffic flow) Audit
  • Application architecture Audit
  • DevSecOps Audit (Quality Gates, Code Coverage, Code Smells )
  • Static Code Analysis.
  • PKI Audit.
  • Log Analytics.
  • Cloud Security (AWS IMA )
  • Firewall L4-L7 Assessment.

Infrastructure audit

  • Storage Hardware
  • Server Hardware
  • Windows Server
  • Linux Server
  • Database
  • Software-Defined Storage
  • Network Hardware audit
  • Network Topology audit
  • Data Center Virtualization (VMware)
  • Storage Network
  • Wireless infrastructure

 

Development audit

1. Coding Standards

  •     Basic Coding Standards and Coding guidelines
  •     Error Handling
  •     No Suspicious Comments
  •     Copyright and Confidentiality Statements
  •     Design Patterns
  •     Logging usage and Logs file rollback strategy
  •     Usage of Constant/properties file over a Hardcoded text
  •     No large commented sections
  •     Basic Api/Frontend/database validations

2. Security

  •     Cross-Site Request Forgery (CSRF) prevention
  •     Application security – Configuration Management
  •     Application security – Secure Transmission
  •     Data security
  •     API/Ui with Critical functionality exposed without any security
  •     Authentication layer
  •     Login session/token expiry/validation
English