Service Provider Audit

Our it experts are here to help

Compliance audit of your service provider

Your partners and service providers make a significant contribution to the success of your company. This makes it all the more important that the IT of your service providers is as efficient and secure as your own.

Can responsibility be outsourced?

Not knowing your partners or service providers is like not knowing your own IT. After all, you cannot correct security vulnerabilities or weaknesses in processes that you know nothing about. The responsibility for outsourced services always remains with you, contrary to many assumptions. In short: responsibility cannot be outsourced.


Keep the overview

Whether you are pursuing external certification, checking compliance with your internal guidelines or purchasing software from a service provider: If you know the crucial points that need to be monitored and checked, you have gained a whole new level of quality and security.

What are your drivers for a Service Provider Audit?

We help you to ensure that your partners and service providers comply with a wide range of regulations.

legal & regulatory requirements

You are bound by applicable law or regulatory requirements to comply with and verify certain specifications.

Requirements from standards

You monitor compliance with external specifications. Especially if your company has its own certification (e.g. ISO 9001, ISO 27001)

Internal guidelines

You place the highest demands on your own IT processes. And on those of your partners.

Industry requirements & customer specifications

You take the demands of your customers very serious and protect your company from loss of reputation.

What do we check during a Service Provider Audit?

A service provider audit is always individually tailored to the requirements relevant for you and your service providers. For example, we check:

  • Supplier contract
  • Supplier management processes
  • Supplier policies
  • Suppliers incident management
  • Change management
  • Security management
  • Release management
  • Capacity management
  • Incident and problem management

What can you expect?

We design each compliance audit flexibly and adapt it to your needs and circumstances. As a rule, a compliance audit is divided into the following phases:

Phase 1
Requirement analysis
Phase 2
Document review
Phase 3
Analysis plan / Audit agenda

Phase 4
On-site audit or remote audit

Phase 5
Evaluation of the results
Phase 6
Phase 7
Results report

What do you receive after a Service Provider Audit?

You will receive reliable results after the audit is completed:

  • A detailed report on all relevant topics
  • A catalogue of measures with concrete recommendations
  • Presentation of the results at your site or remote
  • Consultation for the implementation of the necessary measures



Please contact us with any questions or queries.

Phone: +49 6102 8631-190
Contact Form


Kontakt usd Sales

Anna-Magdalena Kohl
usd Team Lead Sales,
PCI Professional