Audit of the ICT network
What is a Network Audit?
A network audit is the process of mapping and inventorying a network in terms of hardware and software. This is quite a complex task that requires manual identification of network elements. In some cases, network audit tools can provide automation support to identify devices and services connected to the network. In addition to hardware and software, the audit should cover security documentation such as user accounts and groups, and permissions.
Network audit versus network assessment?
What is the difference between network audit and assessment? While network audits inventory hardware devices, software, and services at each location, network assessment serves a completely different purpose.
Network assessments are used to examine the IT infrastructure and identify any potential areas for improvement or attention. Topics such as bandwidth bottlenecks, network security failures, and unused or overused resources are covered.
In particular, network assessment can help organizations solve problems that plague their networks and applications, degrade performance, or create additional security risks and concerns. Assessment reports are used to make specific recommendations on how to improve network performance, increase network security and reduce costs – all in order to get the most out of the IT infrastructure and core network.
There are many reasons why an audit should be considered. Usually, it is carried out when important technology decisions or business requirements are made. Here are some potential reasons why you should consider conducting a network audit.
1) Outdated and incomplete inventories
When was the last time an audit was carried out? A lot can change over time – organizational changes, new and existing web application requirements, budget and capital expenditure forecasting, and rotation in the IT department, especially in the network infrastructure.
2) Updates and Refresh
Network administrators tend to fall into an operational state where their day-to-day operations are their top priority. However, networks need to be updated and refreshed from time to time. This is especially true for the modernization of network technology. This includes performing an audit to identify hardware and software that need to be replaced or upgraded.
3) Troubleshooting
Probably the last thing IT professionals or network administrators would like to hear is that there is a major network failure, that users cannot connect to the Internet, or that latency issues are affecting applications, customers, users and partners. In this scenario, a network audit is needed as an emergency measure to fix network problems.
4) Regulatory and Compliance Standards
For many industries, including financial and healthcare, regulatory and compliance standards are an important reason to start a network audit. This includes adhering to HIPAA, SOC1, SOC2, FedRAMP, PCI, FISMA, NIST and other critical compliance standards. It can be used by internal or external auditors to assess the compliance of the organization as a whole.
Below are some key areas that should be considered in the network audit process. Unfortunately, some of these tasks will need to be completed manually. Others, in turn, can be done using advanced network auditing and analysis tools.
The best place to start a network audit is to create an inventory of your existing network. This includes listing the devices that are networked at each location. It is important to consider both the physical and virtual network infrastructure associated with each location.
Another important part of the process is identifying the services and service providers in each location. This includes keeping a record of the telecom providers, internet service providers, and network providers used in each location, along with contract termination and prices or rates.
Identification of obsolete devices
After creating a comprehensive inventory of equipment and services at each location, the next step is to determine if any equipment is obsolete, out of date, or near the end of life. This includes hardware such as routers, switches, and firewalls. This may also include software, licenses, versions, and technical support.
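The inventory and obsolescence steps described above can be checked mechanically once the inventory is in a structured form. The following is an added example, not part of the original article: the CSV columns, device names, locations and dates are constructed for illustration, and the one-year warning window is an assumption.

```python
import csv
import io
from collections import defaultdict
from datetime import date, timedelta

# Constructed sample inventory; device names, sites and dates are made up.
INVENTORY_CSV = """location,device,type,end_of_life,support_until
HQ,core-rtr-01,router,2023-06-30,2023-06-30
HQ,fw-edge-01,firewall,2031-01-31,2026-01-31
HQ,sw-access-07,switch,,
Branch-01,sw-access-01,switch,2025-09-30,2027-09-30
Branch-01,fw-branch-01,firewall,2030-12-31,2024-12-31
"""

def parse_date(text):
    """Return a date, or None when the field is empty, missing or malformed."""
    try:
        return date.fromisoformat(text.strip())
    except (ValueError, AttributeError):
        return None

def classify(row, today, warn_days=365):
    """Map one inventory row to an audit finding."""
    eol = parse_date(row.get("end_of_life"))
    support = parse_date(row.get("support_until"))
    if eol is None:
        return "unknown"          # incomplete inventory: needs manual follow-up
    if eol < today:
        return "obsolete"         # already past end of life
    if eol - today <= timedelta(days=warn_days):
        return "near-eol"         # reaches end of life within the warning window
    if support is not None and support < today:
        return "support-expired"  # hardware still current, support contract lapsed
    return "ok"

def audit(csv_text, today, warn_days=365):
    """Group findings by location: {location: [(device, type, finding), ...]}."""
    report = defaultdict(list)
    for row in csv.DictReader(io.StringIO(csv_text)):
        report[row["location"]].append(
            (row["device"], row["type"], classify(row, today, warn_days)))
    return dict(report)

if __name__ == "__main__":
    for site, findings in audit(INVENTORY_CSV, date(2025, 1, 15)).items():
        for device, kind, finding in findings:
            print(f"{site:10} {device:14} {kind:9} {finding}")
```

Rows with a missing or malformed end-of-life date are reported as "unknown" rather than "ok", so gaps in the inventory surface as findings instead of being silently passed.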
Most architects and network engineers like this stage of the audit process. This is where they can create their masterpiece – network diagrams. Some professionals use Microsoft Visio, while others rely on tools such as SolarWinds, Intermapper, Lucidchart, Edraw Max, and LANFlow.
Network diagrams are used to define the various connections and relationships that exist between locations and devices on a network. They provide a visual representation of the network.
Last but not least, network security is an issue in the audit process. Some clients may choose to briefly raise the topic of cybersecurity, while others create detailed scopes of projects entirely devoted to this issue.
We have already discussed why network audits are important, when to consider conducting an audit and how they are related to the assessment. Now let’s discuss how to conduct a network audit. There are three stages to conducting an audit – audit planning, conducting the audit, and post-audit activities.
Network audit planning
The first rule of successful planning is preparation. Lack of proper planning can result in delays and dissatisfaction with the results at the end of the project. Here are some things to consider when planning a network audit.
Obtaining acceptance from interested parties
First and foremost, the audit must be approved by all interested parties. This is crucial for almost all IT-related projects. Typically, two main actors are involved in network audits – management teams and technical teams.
Even with management approval, make sure the technical team is involved from the very beginning of the audit. They have access and insight into critical parts of the IT environment directly related to the network.
Make sure you have a plan of what tools the auditor will use to audit the network.
Access to devices
Does the auditor have access to all devices? Regardless of the tool used, access via SNMP, Telnet and/or SSH is required. The credentials needed to gain access (usernames and passwords) should be documented. This is especially important with SNMP as you may find that your network devices are not SNMP enabled.
Data storage and availability.
Where will network audit data be accessed and recorded? Personal laptop, desktop computer or hard drive? This can be a security problem: highly sensitive information can increase the risk and vulnerability of the network to attacks. You may also need a computer to process and store large amounts of data.
Network discovery tool
Here are some tools we recommend when conducting a network audit – NetformX, Wireshark, and Nessus. There are many audit tools, and they should be selected to match the needs and objectives of the audit.
Network discovery tools may take hours or even days to compile an inventory of the network. Many of these tools create lists, diagrams, and documents for network auditing. They will be used in the post-audit phase of the process.
Post Audit Actions
Running network tools and creating an inventory is great, but what do you do with your audit results? There are two outputs that we should have at the end of a network audit – the network audit report and the audit recommendation.
Network Audit Report
The network audit report keeps things tidy and is used to make sense of the information gathered during the audit. As mentioned, many of these network tools provide automated reporting that addresses issues from a business and operational perspective rather than from a technical perspective.
The audit report presents the specific data needed to formulate recommendations. This includes the detection of outdated hardware, outdated software versions, and underused network services. It can also be used to make recommendations for quick fixes when troubleshooting a network problem.