Information Security Inspections

A security audit carried out by a reliable independent third party organisation will ensure the efficiency and statutory compliance of your information systems and organisation.

With decades of experience in security auditing, Nixu carries out over 350 audits annually. Thanks to our proven and efficient methodology and experience in different systems, our audits are both convenient and economical. 

Audit reporting provides instructions for resolving issues

Our customers are provided with a detailed report of the audit's results, including information regarding security level and compliance, as well as instructions for resolving any issues detected in the course of the audit. The report addresses both risks and environmental factors, observations and recommendations are categorised according to the severity of the issues.

Typical information security audits include

  • Web application penetration testing
  • organisational compliance audits
  • network security assessments
  • server hotel security audits
  • subcontractor security audits
  • ICS system security audits
  • ERP system security audits
  • embedded system security audits
  • mobile device and mobile application security audits.

We conduct audits in accordance with the following information security standards, recommendations and requirements:

  • PCI DSS
  • PA-DSS
  • ISO/IEC27001
  • COBIT
  • KATAKRI
  • the Finnish government’s security level guidelines
  • the Finnish government’s VAHTI guidelines.
Security audit methodology

Nixu’s audit methodology varies according to case-specific requirements and the system or solution audited. For example, when auditing information systems, our typical methods include vulnerability scanning, source code analysis, interviews as well as inspections of documentation system configurations.

Nixu will take care of your security audit needs

Audits can be carried out either as individual assignments or we can assume the responsibility for an entire company’s internal security auditing. We can also help you eliminate vulnerabilities and offer continuous vulnerability management.

Is your Web service secure?

Approximately 90 percent of the Web applications we have audited have had at least one critical vulnerability. Do you know the security level of your Web application?

Business Continuity & Risk Management

Tools for operational risk and overall risk management.
Read more

Secure Software Development & Procurement

Ensure software security already during the development stage.
Read more

Situational awareness & Network Security

Continuous information security monitoring and high security network implementations.
Read more