Audit
Professional Audit Services
by GERICO Security
Our structured auditing processes assess compliance with standards, regulations, or corporate policies, ensuring adherence to ISO 19011:2018 guidelines and ISACA criteria and providing evidence for conformity or non-conformity assessment.
Audit types: first-party audits (internal) and second-party audits (supplier/client evaluations).
In addition, Gerico Security cooperates with accredited certification bodies for Third-Party Certification Support. Third-party audits provide internationally recognized certificates.
First & Second-Party Audits by GERICO Security
We conduct first-party and second-party audits across multiple compliance frameworks, ensuring your organization meets regulatory and industry standards. Our Audit Frameworks:
- ISO/IEC 27001 – Information Security Management
- ISO/IEC 20000 – IT Service Management
- ISO 22301 – Business Continuity Management
- ISO 9001 – Quality Management
- ISO 28000 – Supply Chain Security
- PCI DSS – Payment Card Data Security
- Cybersecurity Audits – Assessing corporate exposure to cyber risks
- Privacy Compliance – Ensuring alignment with regulatory requirements
Third-Party Audits
We also collaborate as auditors with leading certification bodies to conduct third-party audits for Information Security, Business Continuity, and IT Service Management Systems. As experienced auditors, we facilitate certification processes, managing communication, contracts, and the scheduling of activities based on our clients’ needs.
PCI DSS Compliance Audits
As mandated by the PCI Council, we conduct:
- Audit Level 1 – Report on Compliance (RoC) & Attestation of Compliance (AoC) by a QSA
- Audit Level 2 – Self-Assessment Questionnaire (SAQ) & AoC validated by a QSA
- ASV Scans – Compliance scans as per PCI DSS Requirement 11.2.2