Auditing Standards

Due to the magnitude of the risk posed by cyberattacks, many international agencies have set cybersecurity standards. The cybersecurity team at Codea technologies follows these standards, guidelines and best practices, and thereby ensures privacy, usability and interoperability for our clients.

1. OWASP TOP 10

OWASP Top 10 is a standard for secure coding that is recognized globally. The document lists the critical security risks to web applications. We at Codea technologies use the list as an auditing standard to ensure your security.

2. NIST

The NIST Cybersecurity Framework is a guide for managing and reducing cybersecurity risk. Many organizations, including some countries, follow it as it helps to build cyber resilience. We provide audit reports based on the NIST Cybersecurity Framework.

3. ISO/IEC 27001

ISO/IEC 27001 is a globally recognized standard for ensuring the security of information. We find the standard helpful in establishing, maintaining and improving the Information Security Management System (ISMS). Hence we adopted the standard.

4. PCI SSC

PCI SSC lists the best security practices for credit card transactions, with the aim of protecting cardholder data. We prepare PCI SSC compliance reports as per your request.

5. HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) is a federal statute that protects the personal healthcare information of an individual. We ensure compliance with HIPAA standards for clients from the healthcare industry.

6. GDPR

The General Data Protection Regulation 2016/679 (GDPR) is a regulation in the European Union for the protection and privacy of data. Our team follows these regulations, especially if you are from the European Union or the European Economic Area (EEA).

Our Certifications

  • Certified Ethical Hacker (CEH)
  • Certified Information Systems Auditor (CISA)
  • Certified Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • GIAC Certified Web Application Defenders (GWEB)
  • CompTIA Security+
  • CompTIA Network Security Professional (CNSP)
  • EC-Council Certified Incident Handler (ECIH)
  • EC-Council Certified Security Analyst Certification (ECSA)
  • Offensive Security Certified Professional (OSCP)

Certified Ethical Hacker (CEH)

Certified Ethical Hacker (CEH) certification is given to those with the hacking skills required to assess the security of computer systems and access the systems legally. Our team has professionals with CEH certification who can check for vulnerabilities in your system.

Certified Information Systems Auditor (CISA)

We hold the Certified Information Systems Auditor (CISA) certification, issued by the Information Systems Audit and Control Association (ISACA), which attests to our expertise in auditing, control and security of information.

Certified Security Manager (CISM)

Certified Security Manager (CISM) is a certification given by ISACA to experts in information security governance, incident and risk management, and program development and management.

Certified Information Systems Security Professional (CISSP)

CISSP stands for Certified Information Systems Security Professional. It is a certification given to professionals in information security by (ISC)² (International Information System Security Certificate Consortium).

GIAC Certified Web Application Defenders (GWEB)

Those with the mastery to deal with common web application errors and knowledge to deal with security threats can obtain GWEB certification. GWEB is the abbreviation for GIAC Certified Web Application Defenders.

CompTIA Security+

CompTIA Security+ is another certification that attests to a person's competence to ensure system security. We have certified professionals at our disposal.

CompTIA Network Security Professional (CNSP)

CompTIA Network Security Professional (CNSP) certification assesses a professional's skill in identifying threats to the network and analyzing the security risk.

EC-Council Certified Incident Handler (ECIH)

ECIH stands for EC-Council Certified Incident Handler. It measures the incident handling and response capability of a professional.

EC-Council Certified Security Analyst Certification (ECSA)

The EC-Council Certified Security Analyst Certification (ECSA) validates the analytical phase of ethical hacking. It is considered the next step of Certified Ethical Hacker (CEH) certification.

Offensive Security Certified Professional (OSCP)

OSCP assesses the hacking skill of an individual under tight time constraints. Offensive Security Certified Professional (OSCP) is considered top-notch in the information security sector.

Information Security Management System (ISMS)

ISMS is a standard of policies and procedures for managing important data of an organization. It aims to protect the confidentiality, availability and integrity of assets from cyber threats.

Areas we cover

1. Audit Checklist
We provide audit checklists for doing internal audits on ISMS practices and services.

3. Policy Preparation
To implement ISMS practices, we come up with policies tailor-made to serve your needs.

4. User Training
Our experts give training on how to use ISMS services.

5. Internal Audit
We provide internal audits for ISMS practices and submit reports based on the audit.