Internal Audit

Check your IT security measures.
Reliably and individually.

Your company needs to conduct an internal audit due to a regulatory requirement or you want to check whether your IT security measures are being implemented consistently throughout the organization? Use an internal audit to uncover any need for action.

More transparency through an Internal Audit

The specific reasons for an internal audit are many and varied. Among the most common are, for example:

  • Supplement to the internal revision
  • Component of an external audit (e.g. according to ISO 27001)
  • Uniform risk assessment of different business units of a global corporation
  • Review of the security level of new organizational units after mergers
  • Harmonization of security levels within organizational groups

No matter what reasons apply to you: An internal audit is always an opportunity to create transparency, identify potential risks and implement measures to reduce these risks.

Benefit from an external auditor

Greater acceptance of the audit result due to the independence and objectivity of the auditors

Relieve the workload of your internal audit department and other employees

Auditors have expertise in the state-of-the-art technology

Pragmatic recommendations for measures through combined experience in consulting and audits

usd AG - The right partner for your Internal Audit

Since 2005, we are authorized by the Payment Card Industry Security Standards Council (PCI SSC) to perform security audits according to a variety of standards within the credit card payment industry. We also use our extensive experience and deep technical knowledge as a reliable partner in other audit areas, such as SWIFT, C5 or KRITIS.

What our team brings to you

  • Many years of experience, industry certifications and broad expertise
  • Best practices for routine audit execution
  • Audit catalogs and frameworks tailored to your individual needs and objectives
  • An understanding of internal auditing as a partnership project at eye level

What you will have in your hand at the end

After completion of your internal audit, you will receive a detailed results report from us. We prepare it in our layout and structure, either in written form or as a presentation for your management level, as desired. The report contains the following information:

  • A management summary that provides an overview of the current state of cybersecurity, identified risks, and key recommendations
  • Documentation of the vulnerabilities found, including corresponding recommendations and actionable measures
  • Documentation of the identified risks with a classification according to their respective criticality

Fitting your needs:
If you wish to have a report in your template or if you need individual adaptations, we will of course be happy to implement this for you. 

Special Internal Audits

Internal Audit accoding to ISO 27001

We review the maturity of your ISMS - as a prerequisite for your successful certification.

Internal Reviews according to PCI DSS

Requirement 12.11 specifically requires service providers to conduct quarterly internal reviews.

Cyber Security Check

This check provides you with transparency regarding the current state of your information security and possible IT risks.



Please contact us with any questions or queries.

Phone: +49 6102 8631-190
Contact Form


Kontakt usd Sales

Anna-Magdalena Kohl
usd Team Lead Sales,
PCI Professional