Find out about our auditing features and reports
For each system that you audit, only one credit is used. You can download all (available) reports of that system for a single credit! For example, when auditing a system that runs an Active Directory, you can download the IT-audit Summary, the Administrators and Users, and the system configurations reports for a single credit.
Which security configurations are choosen?
- Includes Password Policies
- Includes Lockout Policies
Which security patches have been installed?
Which security patches are missing?
Which vulnerabilities exists?
How critical are these vulnerabilities?
Which users have which rights?
Includes various other characteristics, e.g.:
Users who have not logged in for 90 days
Users whose passwords do not expire.
Is antivirus running?
Which antivirus software is it?
When has it last been updated?
“The extensive system hardening reports and Active Directory reports are extremely useful, and hard to find anywhere else. The application is incredibly easy to use and saves me loads of time.”
Mark Langenakker (AKL Support)
“Getting all the right data from our clients used to take a lot of time for all parties involved. With Easy2audit, the process is so quick and easy that our clients are now happy to cooperate. The full transparency of the scripts and output and the fact that there’s no need for installations are great features too.”
Robert Johan RE CISSP (Soll-IT)
Let Easy2audit take care of the tedious and time consuming work. We collect data, then organise and present it as useful information in our easily understandable reports.
Don’t waste hours manually auditing IT-systems. Our automated solution scans and produces reports with just a few clicks, so you can spend more time interpreting results and providing value to your clients.
Our user-friendly reports provide all the information you need to assess the cybersecurity of your (client’s) organization. From system hardening to antivirus and user privileges, you’ll get a comprehensive picture of the organization’s IT security in minutes. Reports are generated so you can hand them to your clients directly.
No black boxes here! Our solution is completely transparent, with human-readable scripts and result files. Our reports give you essential visibility into the cybersecurity of your client’s organization.
There’s no need for complicated installations or software training. Our easy-to-use SaaS solution is accessible from anywhere.
Say goodbye to long, drawn-out IT-audits. Our solution saves you and your clients valuable time, allowing you to complete audits in a fraction of the time it would take to do them manually. This means you can provide more value to your clients and take on more projects without sacrificing quality.
We take data privacy seriously. Data uploaded to our system is immediately deleted after the reports have been generated, ensuring privacy and security for both you and your clients.
This report is designed in extensive collaboration with several IT auditors that work with small and large firms.
As you can see, this report shows the most important security measures of a system and is focused on core ITGC.
Certain user groups, like administrators, have special and often extensive rights in systems and applications.
These accounts pose a significantly increased risk when criminals gain access to them.
Includes fine grained policies and is available for Azure AD too.
Databases contain an abundance of useful and critical information. It is therefore imperative that an analysis is performed on its users, their privileges and their behaviour, so that misuse of specific accounts can be excluded from consideration.
Certain users groups, like administrators, have special and often extensive rights in systems and applications.
When cyber criminal gain access to such accounts, risks are significantly higher than for other accounts.
In this day and age, year-end audits typically rely solely on figures derived from digital systems. Today’s accountants need to know whether these figures are reliable. Learn how Easy2audit helps in this process.
The Easy2audit scripts are developed in-house and are specifically designed to read configuration settings.
We maintain one script per type of operating system, so that we can optimize inventory for each platform.
All scripts have been thoroughly tested and the extra CPU load is negligible. The scripts are designed to not cause any impact on the servers they are run on.
On Windows systems, the script collects data by reading registry values and settings from an export of the local security policy. On Unix systems, configuration files are read. All checks are sequential.
The scripts must be run with administrator [Windows] or root [Unix] authorization. These authorizations are necessary to read all configuration settings.
No. The scripts are made to only read – no configuration settings are changed or otherwise manipulated.
On Windows systems, an export of the local security policy is created in the directory from which the script is called. This file is deleted after the script is completed. On Unix systems, no temporary files are created.
The results are saved in the directory from which the script is called.
The scripts are a readable text file, so you can see which commands are being executed.
IT General Controls (ITGC) are the foundation of strong IT systems. The controls govern the overall IT environment of an organization help ensure the confidentiality, integrity, and availability of information. Easy2audit recognizes the importance of ITGC. That is why our software is designed with ITGC in mind. While Easy2audit is specifically designed to not make changes to your systems, it is an ideal tool to help you audit and thereby manage your ITGC more efficiently and effectively than ever before.
Easy2audit addresses the following ITGC controls:
By including these ITGC controls, Easy2audit helps you build a stronger, more secure IT environment. Easy2audit provides a comprehensive set of tools and features that allow organizations to automate parts of their ITGC monitoring and reporting, making it easier to comply with regulatory requirements and best practices. With Easy2audit, organizations can improve the accuracy and efficiency of their ITGC processes, reduce the risk of financial fraud, and gain a greater level of control over their IT infrastructure.
By choosing Easy2audit, you can be sure that you have an efficient and effective tool to help you maintain your ITGC, while remaining in compliance with regulatory standards.
Disclaimer: Easy2audit is primarily designed to help with ITGC controls related to system monitoring, access controls, change management, backup and recovery, and segregation of duties. While it can provide some level of assistance in other areas such as information security and network security, it may not be the best tool for those specific controls.
It’s important to keep in mind that Easy2audit is a specialized tool for auditing IT systems, and while it can help with some ITGC controls, it may not be a comprehensive solution for all aspects of IT security and governance. It’s always important to use a variety of tools and techniques to ensure a comprehensive approach to IT security and governance.
Leave your email & we will send you some soon.
This report is designed in collaboration with several, IT auditors that work with small and large firms. As you can see, this report shows the most important security measures of a system and is focused on ITGC.
For annual audits, most accountants audit about 5 of their clients’ key systems. These are often systems that run ERP applications, databases or other applications and services that are highly valuable to the operation and financial reporting.
Local account policies are subdivided into password and lockout policies and are one of the most important settings to assess.
We also present summaries of the specific chapters of hardening settings. A single server can easily have over 400 of security settings. On a default Windows Server installation typically about 75% (300 settings!) are not safely configured.
Is the system up to date with the latest security patches? The final part of the IT-audit summary shows whether patches have been installed in time and when the latest patch has been installed. Also, we show how many vulnerabilities are found on the system as a result of missing patches. If you want to know more details about these topics, we’ve got you covered in additional reports.
Certain users groups, like administrators, have special and often extensive rights in systems and applications. When cyber criminals gain access to such accounts, risks are significantly higher than for other accounts. It is therefore imperative that organisations limit access of user accounts to levels that are strictly necessary.
Assignment and management of user rights must be a secured process and approved at the highest possible level in the organisation. The number of users with extensive administrator rights should be limited as much as possible and should be reserved for accounts without access to email and internet. Passwords of these accounts should be changed regularly. All users should be linked to a password policy. User accounts that are inactive should be deleted.
Easy2audit reports the status of users and possible inconsistencies per Active Directory (AD). In cooperation with accountancy firms, we have identified specific characteristics that may provide a threat to the organisation. We report how many, and which users show these characteristics.
Databases contain an abundance of useful and important information. IT is therefore imperative that an analysis is performed on its users, their privileges and behaviour, so that misuse of specific accounts can be excluded from consideration.
Our SQL reports give a comprehensive overview of roles and corresponding privileges and which users have been assigned to them. In addition, we show for each user when they have last logged in, and how many times they have logged in this running year and the last entire year.
Please be advised that for default SQL installations, logging information is not kept. It should therefore be turned on before it can be analysed.
Default configurations of operating systems are designed with a focus on usability. This compromises information security and leaves doors wide open to cyber criminals.
Making adjustments to these default configurations to increase security is therefore one of the most important basic cyber security measures. This process is also called hardening and it vastly decreases chances of being successfully attacked by cybercriminals. Actions include:
Easy2audit provides a comprehensive overview of all security settings of a system (sever/workstation), for wi. System administrators can use this report directly to improve their cyber hygiene. This report is therefore not only very popular for annual audits but for general IT advice and advisory as well.
In this day and age, year-end audits typically rely solely on figures derived from digital systems. Today’s accountants need to know whether these figures are reliable. Learn how Easy2audit helps in this process.
Sign up to Receive 
2 free Credits and hear about events & Offers!
Sign up now to Receive 2 free Credits and hear about events & Offers!
