top of page

NIS Directive Audit

Call on experts flexibly for the more delicate elements, to be sure you have a favorable audit opinion!

Adopt a proven method and work with people more experienced in auditing IT systems and security management in the organization.

With us you identify more quickly and effectively the non-conformities with the requirements of the law, the security risks of the essential services of the business.

The fundamental method

We have a very high quality standard of audit activity.

The Sectio Aurea audit team received praise and recommendations for the attention it showed in the audit missions


The team of auditors, led by the founder, is very specialized in implementing the requirements of the NIS law, but also in the effective operation of IT management and security in various organizations.
When we audit, we make it approved.

Maturity level

We have people with experience in the field, we understand the IT business and we understand the context.

We involve only experienced auditors.

The quality

Because we are very experienced and know how to actually enforce non-compliance with the requirements of the Law, a large part of the clients we audited chose us as consultants in the matter of implementing NIS requirements.

Why us?

What are we auditing?

Information Security Audit

We evaluate the maturity level of the most important elements of compliance, namely security governance in the organization:

Security strategy and policy

Continuous commitment from management

Establishing, monitoring, reporting security indicators

Internal auditing and self-evaluation mechanisms

Risk management

Management of subcontractors

The manner in which legal requirements are implemented in operational procedures and work instructions and IT operations
Security awareness programs

We analyze the configurations of network equipment, servers and operating systems.

We check how the minimum security standards imposed by law and best practices are implemented by collecting concrete audit records from critical areas.

We evaluate the security of SCADA systems and other industrial control systems through information security audit activities, architecture audit, configuration audit, security testing, source code audit.

Identifying specific vulnerabilities and recommending appropriate security measures.

We assess the network structure and the interconnections between the different components and areas of the infrastructure.

We check how the minimum security standards imposed by law and best practices are implemented.

We test the vulnerabilities of networks and computer systems by simulating cyber attacks.

We identify and document vulnerabilities and recommend remedial measures.

Source code Audit

For applications developed in-house, we check the security of critical parts of the Source Code as follows:

Authentication mechanisms: we ensure that user authentication is done securely.

Cryptographic mechanisms: we verify the correct use of encryption algorithms for data protection.

User management: We evaluate processes for managing user accounts and permissions.

Resource access control: We verify that resource access is properly controlled and monitored.

Interactions with other apps: We evaluate how the app interacts with other apps to prevent security breaches.

Checking the security of communications and database interactions.



From the multitude of options, we can mention that we carefully selected where we offered our skills.

We have always put a price on quality and not on quantity.

Our clients are organizations with a very mature level of information security organization, which have deserved our auditors.

The audit team

The Sectio Aurea team consists of professionals with advanced technical capabilities and recognized certifications in the field of security auditing.
They have in-depth knowledge of Romanian or European legislation applicable to auditing and meet, or even exceed, the minimum legal requirements for accredited security audit service providers.

The strengths of our team

By choosing Sectio Aurea, you benefit from a dedicated and experienced team, prepared to provide a high-quality security audit tailored to the specific needs of your organization.

We specialize in identifying vulnerabilities, reducing risks and creating security programs that provide the necessary conditions for the company's long-term development.

Sectio Area specialists have advanced expertise in the following areas:

  • Analysis of existing/potential threats and vulnerabilities: We identify and assess both current and potential threats, ensuring proactive protection of the IT infrastructure.

  • Risk and business impact assessment: We carry out detailed risk assessments and analyze their impact on the business, offering tailored solutions to minimize risks.

  • Consulting to ensure the confidentiality, integrity and availability of information: We offer specialized consulting to protect data, guaranteeing the confidentiality, integrity and availability of critical information.

  • Implementation of the necessary solutions for an optimal level of security: We develop and implement security solutions that ensure a healthy and sustainable business environment.

By collaborating with Sectio Aurea, your company benefits from customized solutions and a strategic approach to maintain an optimal level of security in the long term.


Discover the key to success in cyber security with an exclusive one-to-one session with Mădălin Bratu, the innovative mind behind Sectio Aurea.

With a remarkable experience of 20 years in IT and an impressive career path, Mădălin is the elite consultant that any leader in the field wants by his side.

Take advantage of the unique opportunity to enrich your knowledge and secure your business in a personalized and efficient way.

Plan your meeting with Mădălin Bratu now and unlock access to cyber security solutions at the highest level as well as a team of top tier cyber security experts

bottom of page