EMSO ERIC is seeking a comprehensive IT audit to assess and ensure the reliability, security, and efficiency of its IT infrastructure.

Tasks to be Audited:

  • IT Asset Inventory: Compilation and verification of a complete inventory of all IT assets, including hardware, software, and network components.
  • Documentation Adequacy: Review documentation describing IT infrastructure.
  • System Configuration Review: Detailed review of system configurations, ensuring they adhere to best practices and organizational policies.
  • Vulnerability Assessment: Identification and assessment of vulnerabilities in the IT infrastructure, with a focus on critical systems and data repositories.
  • Security Controls Testing: Testing of existing security controls, including antivirus software, firewalls, and intrusion detection systems, to ensure they are functioning effectively.
  • Data Protection Evaluation: Examination of data protection measures, including encryption, access controls, and data retention policies.
  • Compliance Audit: Assess compliance with relevant policies and regulations.
  • User Access Review: Analyze user access and permissions.
  • Disaster Recovery Testing: Evaluate disaster recovery plans.

 

Requirements:

  • Experience: Proven IT audit track record and expertise in network security and data management and in similar auditing exercises.
  • Team Composition: Profiles of team members with relevant experience.
  • Methodology: Description of the audit approach, including tools and techniques.
  • Deliverables: Interim and final reports with recommendations.
  • Timeline to deliver: 2 months

 

Submission

Tender proposals should be submitted via pec(certified electronic mails) to the following address:

eric-emso@legal.email.it at latest July 19th, 2024 by 6.00pm (CET).

 

For more details and how to apply, please see the official call.

 

We look forward to receiving comprehensive and competitive proposals from qualified audit firms.