Emergency service

Our Partners

Hearfield Research Ltd. Superior Webdesign.

Pokorny GesmbH Electrical installations, network installations and special purpose devices.

3 - Audits


For a variety of reasons, the ICT architecture and infrastructure of many companies and organizations becomes overtaken by events and more expensive to operate and maintain than necessary. Performance, suitability, reliability, cost-effectiveness and security of ICT systems need to undergo a permanent review process As consultants in the area of business management and information technology experts, we can add an external dimension to your internal perception of your support systems. Our experience shows that companies can expect a medium term reduction of their ICT operating costs of about 25% in comparison to ICT infrastructure that has not been adapted for a couple of years.

Audits must never be isolated projects but processes that accompany systems during their life cycle.

3.1 Basic Comprehensive Audit

The Basic Comprehensive Audit package is a first step to identify potential weaknesses and areas which would benefit from improvements. As modus operandi we conduct a number of assessment meetings with you, based on various checklists and questionnaires.

We provide you with a report that supports you in evaluating the state of your ICT architecture which includes our recommendations for improvement.

3.2 Comprehensive Audit

As result of the Comprehensive Audit package, we provide you with a detailed analysis of selected systems or the entire ICT Architecture of your company.

This analysis contains exact assessments of the systems audited in the areas of reliability, security, suitability, cost- effectiveness and performance. In addition to the analysis, you receive a report enumerating weak spots, detailed improvement proposals and suggestions how you can reduce your operating costs while maintaining or improving the quality of services.

3.3 Security Assessment

You may want to ask yourself the following questions if you're unsure whether you should have a Security Assessment conducted:

  • What is the value of your data? For you? For your competitors?

  • Do you have a Security Policy? Does it live only on paper or is it reality?

  • Do you log information from existing auditing systems? E.g., who access which data..

  • If you have such information, how is it analysed and by whom?

  • What are your Internet access security measures?

  • Which options of remote access (via the Internet or otherwise) to access your network(s) and data are in place? How are these paths secured? Are all of them necessary?

  • Do you have a current Password Policy? On paper only or is it reality?

  • Do you have a current Disaster Recovery plan? Is it being tested regularly? By whom and who is in charge?

  • Where are your backups? Do you have off-site backups? Who has physical access? How current are your backups? Who supervises execution of backups and how?

  • Do you have a framework defininig access to resources? Who may access data, services and devices for which purpose and in what role? Current? Alive or only on paper?

  • Are Operating Systems and applications at current product- respectively patch levels?

  • Are all applications and services in use necessary?

  • Are security settings and measures at best practice levels?

  • Do you have development standards for applications in the area of security and are these being enforced?

  • Do you test applications developed inhouse or externally for compliance with your security standards?

  • Do you employ measures in the areas of change and configuration management? Which measures, how current, who is in charge?

  • Which measures against computer viruses, trojans, spyware and other malware are in place?


  • Security needs to be clearly defined - not as a project but as part of the company philosophy.

    ict-expert employs self-recherched check lists as well as a variety of applications, partially developed by us. We base our services largely on ISO 17799 when researching the state of your security.

    The scope of the security assessment process is clearly defined with you beforehand. The results are conveyed to you together with concise recommendations targeting the elimination of threats and remedial actions for weak spots.

    Depending on the kind of systems in place, we employ the services of partner companies contingent on your approval. We don't have in-depth experience with each and every system being used.

    3.4 Reliability & Continuity Audit

    As long as ICT systems provide the required results with an acceptable level of service, risk management, disaster recovery and contingency planning often are given a low priority.

    Yet, in case of problems, these do not appear in isolation but often trigger a cascade of events, constituting a brutal test of the documentation availability, quality as well as existing procedures such as backup and contingency measures.

    Together with you, we assess or create a comprehensive Risk Management documentation, authoritative Contingency Planning documents and procedures as well as a Disaster Recovery Plan which we then put to the test - as a live exercise or as a dry exercise.

    Because - The show must go on!

    3.5 Suitability Assessment

  • Are your ICT systems, ICT architecture and applications in line with your current requirements?
  • Do your ICT systems and applications support your business processes in all necessary areas?
  • Do your ICT systems deliver the information you require?
  • How long does it take to obtain the information you require?


  • During the Suitability Assessment, we evaluate selected systems, their interfaces or the entire ICT architecture of your comapny or organization.

    We provide you with a detailed analysis of the evaluated systems, improvement proposals with clear indications of the advantages and costs of change as well as an overview of existing weak points together with suggested remedial actions.

    3.6 Value-for-Money Audit

    We perform benchmarking services for selected systems or your entire ICT architecture and develop recommendations to reduce costs of purchase as well as ongoing costs such as maintenance, operation and consumables while maintaining current grade of service or improving it.

    In this effort, data of enterprises with similar or identical parameters are used for comparison and evaluation. Parameters applied are size, structure, field of business, area of operations, geographical parameters etc.).

    ict-expert provides you with a score card as well as textual report documents intended to assist you with implementing best practices to reduce costs for ICT as a support function.

    How much?


    We invoice set hourly rates depending on the kind of service provided. A number of services is available as lump sum offers, our customers can also enter into service or project management contracts with us and/or acquire blocks of hours at a reduced price.

    Contact us, we will provide you with a specific offer for your requirements.

    Back to service overview.