UNIS COMPUTERS offers a comprehensive cyber security audit in accordance with all Czech and EU legal standards.
The cyber security audit includes the following areas:
- Verification of established organisational measures, in particular:
- Implementation of the information security management system
- Risk management, determination of security policies pursuant to Article 5 of the Cyber Security Regulation
- Implementation of a security organisation, setting up a Cyber Security Management Committee
- Specification of security requirements for contractors
- Management of assets consisting of their identification, specification of guarantors, and evaluation of the importance of assets and their protection
- Security of human resources within the employee's life cycle and development of their security awareness
- Management of operation and communications – ensuring the safe operation of KII and VIS information systems, including documentation
- Management of access to the information system, password rules, and safe user behaviour
- Management of specific cyber security events and incidents
- Verification of established technical measures, in particular:
- Rules and devices for physical security, utilisation of tools for the security of industrial and control systems
- Implementation of tools for: protecting the integrity of the communications network, verifying user identity, managing access rights, protecting against malicious code, recording activities of KII, VIS, their users, and administrators,
Detection, collection and, evaluation of cyber events
Security documentation evaluation
Processing a report from the cyber security audit, defining individual findings
and help in defining their solutions.
We offer you a comprehensive audit of GDPR readiness, including:
1. An analysis of the current status of personal data protection with the organisation to identify the underlying facts, in particular:
- The nature of the organisation to determine whether the obligation to designate a personal data protection officer will apply to it
- The existing information security management system with an emphasis on the protection of personal data, agendas, activities, and processes, in which personal data is processed in the organisation
- The purpose of processing personal data in individual agendas and activities, including their legal titles (legality of processing)
- The method of fulfilling the information obligation when collecting personal data
- The traceability and content of consents to the processing of personal data for those processing purposes that are subject to the consent of the data subjects
- The method of processing personal data across agendas throughout their entire life cycle to determine whether or not to carry out a personal data protection impact assessment
- Parties involved in the personal data processing
- The level of technical and organisational measures taken to ensure the personal data protection
- Documentation base and its recency
- Control activities
As an audit output, you will receive:
- A list of points that currently do not meet legal regulations
- A solution proposal to eliminate technical and procedural discrepancies, including the draft of missing processes
- Implementation of technical and organisational measures
