WARNING: Your browser does not support JavaScript or JavaScript is turned off.

IT Security Assessments & Audit Readiness


The dependence on Information Technology (IT) is ubiquitous for majority organizations working in development.  Simultaneously, threats to IT and the business processes it supports continue to increase.  Large organizations might have resources (time, money, and capacity) under control to possibly reduce IT risk landscape; however, small & medium size businesses, some non-profit organizations, civil society organizations, etc. operating in development have perhaps the greatest relative technology risks combined with least amount of resources allocated to identify and assess those risks. These organizations are at-risk and vulnerable to IT threats that can result in service disruptions, revenue loss, and costly mitigations. 

AGC uses a combination of selected assessments and audit methodologies derived from standards in the security auditing world and best practices designed to help at-risk organizations, and staff to address organization driven high-risk IT threats and mitigation consultation.

Our Approach:

AGC’s IT Risk and Audit Services consists of packaged solutions that are:

  • Targeted for at risk organizations faced with the pervasive IT risks
  •  Objective to inform an organization of the risks they face, their capacity to address them, and potential threat actors.
  • We identify the training and technical support needed to address the most high-risk and persistent IT threats
  •  Gather information to support the organization's values, and risks of the business as a whole

Our practice areas are structured in the following areas:


IT Security Risk assessments

As more IT services become available and dependent on Internet-based technology, the risk of potential liability, cost, and repercussions increases as well. AGC’s IT Security Risk Assessment offers an important foundation tailored to the needs and resources of an organization. Our professionals offer experience in areas, including:

  • Organization and Management Practice
  • Software integrity Practices
  • Network Protection Practice
  • Personnel Practices
  • Data Security Practices
  • Personal computer practices
  • Physical Security Practices
  • Information Security Practices
  • Incident Response Practices

Digital Security Audits

How critical is your organization data? Software vulnerabilities are discovered daily and organization leadership need to take an institutional lens on digital security problems, and insist on periodic targeted digital security audits to expose vulnerabilities that impact the vital processes and key assets identified. AGC works with risk organizations to identify the risk they face, structure the next steps to address them, and guidance seeking future support, including: External Security Vulnerability Testing

  • Security Strategy
  • Identity & Access Management
  • Secutiry Assessments
  • Application User Segregation of Duties
  • External Security Vulnerablity Testing
  • Internal Security Vulnerablity Testing

IT Process Audits

Usually, ineffective design and documentation of IT processes are the root causes of IT failure and inefficiencies to deliver organizations’ operational objectives. Our team offers demonstrable experiences in areas, including:

  • Change Management
  • Problem/Incident management
  • Back-up and restoration
  • Project Management
  • Problem/Incident management
  • Business Continuity
  • Program Management
  • Security Monitoring and Response
  • User Administration

IT Project Audits

AGC helps organizations determine whether the requirements for acquisition or developed IT product are complete and correct; ensure the outputs for each development phase fulfill the requirements driven by the previous phase; and the final product complies with specified requirements. AGC will provide a project specific view into the risks of:

  • Inadequate project management baseline
  • The design and build not meeting requirements
  • Inadequate post implementation control environment

Impact:  Please contact us to discuss how our IT Risk and Audit practice can:

  • Proactively identify and address risks to your critical information technology
  • Bring specialized skills and knowledge to your IT program
  • Work with your team to tailor to the needs and resources of an organization

Complete Sitemap