Security audit
Detects non-compliance with the law and eliminates the risk of fines and security breaches.
We're dedicated to building a structured strategy to help you identify security threats and effectively manage your risks. Join us and we'll give you the tools you need to tackle any obstacle.
Contact us today and get started on the road to a safer and stronger business.
Our offer
The audit services offered by Sectio Aurea bring multiple benefits to your organization, including:
Cost reduction
The audit helps identify areas of excessive spending on security measures and optimize resources by using effective solutions.
Increasing the confidence of customers and shareholders
Demonstrating the organization's commitment to data security increases the trust of customers and partners, strengthening business relationships.
The audit services offered by Sectio Aurea are focused in the following directions:
We evaluate the maturity level of the information security organization
We provide you with a complete picture of the level at which your organization manages its information security, as well as the desired higher levels.
We will create a concrete action plan for you
For the two dimensions of the analysis, we draw up concrete action plans:
1. The plan of measures to minimize the security risks to an accepted level
2. The plan of measures for reaching a higher level of maturity
3. The plan of measures to remedy non-compliance with selected international standards.
Sectio Aurea's audit methodology is based on the most rigorous international standards, ensuring an exhaustive and efficient assessment of information security. These include:
ISO-27001 – Information security management system
This standard provides a methodical structure for auditing, including essential elements for developing a robust organizational security framework, as well as effective security management practices. It also uses the PDCA (Plan-Do-Check-Act) method for controlling and continuously improving processes.
IT Audit Best Practices (ISACA ITAF Framework)
This audit framework ensures that our assessments comply with the highest professional standards and the latest methodologies in the field.
The NIST standard provides comprehensive guidance for managing and mitigating cyber risks, integrating best practices for critical infrastructure protection.
ISACA CMMI Cybermaturity Model
Capability Maturity Model Integration (CMMI®) is a capability improvement model that can be adapted to solve any performance problem at any level of the organization, regardless of industry. The model provides guidelines and recommendations to help your organization diagnose problems and improve performance. Used by more than 10,000 organizations in more than 106 countries worldwide, CMMI helps you identify and achieve measurable business goals.
The specific audit regulations of the compliance regulations
For clients who need to demonstrate compliance with specific industry regulations, we use ISACA's audit standards along with the specific regulations.
By choosing Sectio Aurea, you benefit from a high-quality audit methodology that not only identifies vulnerabilities, but also proposes concrete solutions for the continuous improvement of information security.
Work phases for carrying out the evaluation process
1. Initiation of the audit project
2. Planning of audit activities
3. Execution of audit activities
4. Elaboration of the audit report
5. Delivery of the audit report
6. Completion of the audit project
Compliance requirements covered by the security audit
Law 362/2018 (NIS Law)
Structural fund technical audit
Technical and security audit services for companies that acquire and implement IT systems (hardware and software equipment) through projects financed by structural funds
ReGIS - the national funds transfer system with real-time gross settlement
SaFIR - the financial instruments settlement system
System rules of SENT
EBA Guidelines on ICT and security risk management
Customer Security Program (CSP)
Order 146/2022 for the approval of the conditions for providing information, the framework model of the collaboration protocol, the procedure regarding the exchange of information between the National Agency for Fiscal Administration and legal entities under private law
TISAX (Trusted Information Security Assessment Exchange)
VDA-ISA (Verband der Automobilindustrie Information Security Assessment)
The Sectio Aurea team consists of professionals with advanced technical capabilities and recognized certifications in the field of security auditing.
They have in-depth knowledge of Romanian or European legislation applicable to auditing and meet, or even exceed, the minimum legal requirements for accredited security audit service providers.
The strengths of our team
Sectio Aurea manages its projects through a senior audit expert, the founder of the company, who takes the role of project coordinator. This expert has experience and skills in project management and will monitor the activities, ensuring that the project is carried out according to the established plan.
By choosing Sectio Aurea, you benefit from a dedicated and experienced team, prepared to provide a high-quality security audit tailored to the specific needs of your organization.
We specialize in identifying vulnerabilities, reducing risks and creating security programs that provide the necessary conditions for the company's long-term development.
Sectio Aurea specialists have advanced expertise in the following areas:
Analysis of existing/potential threats and vulnerabilities: We identify and assess both current and potential threats, ensuring proactive protection of the IT infrastructure.
Risk assessment and business impact: We carry out detailed risk assessments and analyze their impact on the business, offering tailored solutions to minimize risks.
Consulting to ensure the confidentiality, integrity and availability of information: We offer specialized consulting to protect data, guaranteeing the confidentiality, integrity and availability of critical information.
Implementation of the necessary solutions for an optimal level of security: We develop and implement security solutions that ensure a healthy and sustainable business environment.
By collaborating with Sectio Aurea, your company benefits from customized solutions and a strategic approach to maintain an optimal level of security in the long term.
Why us?
The fundamental method
We have a very high quality standard of audit activity.
The Sectio Aurea audit team has received praise and recommendations for the attention it has shown in its audit missions.
Relevance
The team of auditors, led by the founder, is highly specialized in implementing the requirements of the NIS law, but also in the effective operation of IT management and security in various organizations.
When we audit, we make it approved.
Maturity level
We have people with experience in the field, we understand the IT business and we understand the context.
We involve only experienced auditors.
The quality
Because we are very experienced and know how to actually remedy non-compliance with the requirements of the Law, a large part of the clients we audited chose us as consultants for implementing the NIS requirements.
reference
Fintech USA with an innovative business model, namely brokerage of financial services.
The tested system was one of very high complexity.
Sectio Aurea was selected due to the team's experience and the possibility to scale dynamically in emerging fields: Cloud & API Security.
The project required the involvement of 5 dedicated pentesters, who worked full-time for 4 months.
Software Group is a conglomerate of companies that provide worldwide digitization solutions, core banking and core insurance implementations.
Sectio Aurea provided specialized consulting services in aligning the proposed solutions with the security requirements of their clients.
NIS Directive Audit, EBA Guidelines, BNR Audit (ReGIS, SaFIR), Transfond (SENT)
Other security references
Discover the key to success in cyber security with an exclusive one-to-one session with Mădălin Bratu, the innovative mind behind Sectio Aurea.
With a remarkable experience of 20 years in IT and an impressive career path, Mădălin is the elite consultant that any leader in the field wants by his side.
Take advantage of the unique opportunity to enrich your knowledge and secure your business in a personalized and efficient way.
Plan your meeting with Mădălin Bratu now and unlock access to cyber security solutions at the highest level, as well as a team of top-tier cyber security experts.