Skip to content

mateusiclopes/it-security-audit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
docs
docs
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

IT Security Audit – Botium Toys (Case Study)

EN: Internal IT audit case study for Botium Toys, a fictional U.S. toy company expanding to the EU.

📄 Full Audit Report (PDF):
docs/Botium-Toys_Audit.pdf

📌 Scope & Objectives

  • Assess IT controls (technical/administrative/physical) and compliance maturity
  • Evaluate PCI DSS, GDPR, SOC criteria exposure
  • Provide prioritized recommendations (0–90 days)

✅ Highlights (Executive)

  • Controls: Firewall ✅ · DRP ❌ · IDS ❌ · Encryption ❌ · AV ✅
  • PCI DSS: Missing encryption & access controls for cardholder data ❌
  • GDPR: Data inventory/classification missing ❌ · Breach notification plan ✅
  • SOC (TSC): Integrity/Availability ✅ · Access control/Confidentiality ❌

📊 Audit Flow (Mermaid)

graph TD
  A[Define Scope & Goals] --> B[Risk Assessment]
  B --> C[Controls & Compliance Checklist]
  C --> D[Findings & Recommendations]
  D --> E[Report & Next Steps]
Loading

About

Internal IT audit case study for Botium Toys: controls checklist, PCI/GDPR/SOC review, and prioritized recommendations.

Topics

cybersecurity pci-dss gdpr risk-management it-audit nist-csf soc2

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors