ANA Cyber Network Security Audit is a professional service that evaluates an organization's network security performance and analyzes security incidents. The service is part of an overall information systems audit framework that includes application software audit, operating system audit, and business audit components. The audit service covers all aspects of IT infrastructure to identify gaps against industry standards. It determines the reasons for identified security gaps and provides recommendations to address them. The auditing approach covers three key areas: People, Processes, and Technology. The service addresses challenges such as vulnerability scanning automation, securing networks with proliferating networked hosts and default-install services, identifying vulnerabilities with corresponding countermeasures, and determining areas that pose maximum risk. The audit methodology is based on industry-accepted standards and legal requirements specific to the industry and country. The service team holds relevant security certifications including CISSP, CISA, and ISO 27001:2022 LA. The audit includes detailed design review and effectiveness assessment of security patching solutions. The service aims to determine the effectiveness of network security controls and resolve underlying network security issues through comprehensive evaluation.