• Security Audit-Service


Security & Audit Service: From Risk to Business

"Security and Audit Service" is the only consultancy service of its kind currently available on the market. All audit modules, whether technical or organizational, are covered comprehensively by flexible maturity models.

The audit channels

audius provides a team with a wide range of expertise and four audit channels to cover a broad spectrum of topics:

  • IT process maturity levels
  • Security and compliance management
  • Technical infrastructure maturity levels
  • Security and penetration tests

Each channel contains modules ranging from technical building systems to network and basic infrastructure as well as detailed application and hardware analysis. This applies equally to process maturity level audits and to our technical security tests.

For all modules, the support audius offers your company is of paramount importance:

  • Transparency at all business levels
  • Clear reporting for your target groups
  • A neutral, third-party perspective as a basis for decisions

IT security is not an end in itself: The objective is always to ensure your operational security and protect your business.

The method

The procedure for the audit service is

  • comparable with a uniform procedure and metric
  • measurable by Loss Control Metrics
  • understandable by targeted reports

The steps involved:

  1. Structural Analysis / OpSec
    Know your operational security! Know what is where! Know your trust! Know your controls! Know functional & non-functional requirements!

  2. Risk-Assessment / OpRisk-Management
    Know what stops your business operations! Know what harms your reputation! Know where to put your money first!

  3. Compliance Management
    Know your legal framework! Know which law, standard or regulation to follow & which could be a threat to the business!

  4. Process Organization
    Know how processes deal with the human factor in security!

  5. Risk Treatment / Actionplan
    Design perfect operational security! Balance your assets, trusts, controls & limitations!

  6. Improve & Mitigate
    Implement technical & process measures to improve current operational security!

  7. Monitor
    Continuously measure / manage operations, security, limitations & trusts!

  8. Security-Tests & Audits
    Make the reality check! Pentests, infrastructure maturity audits & technical assessments as catalyst to learn how your controls need to work!


In summary it means:

  • Determination of deviations and potentials based on the respective audit framework and level of maturity
  • Development of a prioritized action plan
  • Progress monitoring based on agreed key performance figures


To optimize - the sometimes conflicting - balance between security and compliance, the staff continuously follows a non-technical and technical certification path, like ISO20000 (ITIL), ISO 27001 (ISMS) and the OSSTMM. The IT Security and Audit service is always tailored to your operational requirements, while also considering the technical maturity level of your company.

The audit modules undergo continuous development to ensure that they are always in line with current trends:

  • Cloud security audit
  • Internet of Things (IoT)
  • Industry 4.0
  • Car security

In addition audius also supports leading manufacturer implementations including Microsoft.

The expert: Joerg Simon

"With over 30 years experience as developer and as electronic warfare specialist - and with over 20 years working as a security researcher, i still strive to lead new trends and developments.

Currently i build a new program for proper offshore security tests and work on the compliance killer program to enable my clients to find the right balance regarding security vs compliance.

My company audius GmbH enables me to work on different OpenSource Projects like the Fedora-Project or the ISECOM.

The Fedora-Project is my place to bring in or bring back Security Test Applications like dsniff, unicornscan or others to one of the most famous and technically advanced Linux Platforms. The Open Source Community knows me as the Maintainer of the Fedora-Security-Lab (a platform for security testing), former FAmSCo Chair and a Member of the Fedora Board.

Together with the ISECOM i strive to support security communities all over the world and you can find examples of my work if you search for it ;)"


Follow Joerg Simon's blog:


audius regularly conducts complex and demanding penetration and security tests for the following branches:

  • Financial institutes
  • Network providers
  • Mechanical engineering
  • Media
  • Logistics
  • Elektronics
  • IT-services
  • Military
  • Politics

As a security provider audius doesn’t disclose customer relations from our security projects in principle and also conclude no reference agreements for the security test projects!

Upon request, audius likes to name references from other areas like the service „audit infrastructure maturity levels". Just get in touch!



Nachfolgend finden Sie eine Auswahl an Kunden, die erfolgreich ein Lösungs-Projekt mit audius als Partner durchgeführt haben.

Contact form

Please contact for further information!


Fortwährend seit 2013


  • (Windows) Server Netzwerkmanagement (Extreme)


  • Migration Active Directory + Exchange Konten in eine neue Umgebung
  • Aufbau externes Rechenzentrum