NIF Audit

We verify compliance with the National Interoperability Framework

Audit of readiness to provide electronic services

The purpose of the audit is to examine the scope and level of readiness of the services provided by the Public Unit for
residents. As part of the task, the offered service model in terms of the efficiency of servicing citizens is also examined.

The audit is also aimed at demonstrating the fulfillment of tasks resulting from the interoperability, transactionality, and efficiency of electronic document flow in the Unit and the possibility of handling various formats and electronic documents.

Audit of methods and capabilities in the field of organizational security

The purpose of the audit is to assess the completeness and the level of implementation of the security rules described in the adopted security documentation.

The task also includes an assessment of the management's commitment to information protection. The result of the audit is a set of recommendations by the auditor aimed at achieving the highest possible level of compliance with the Information Security Management System.

Threat audit and inventory analysis of resources

Audytowi podlega stan przygotowania Urzędu do identyfikacji i minimalizacji ryzyka. Przygotowywany jest rejestr ryzyka oraz plany minimalizacji każdego z ryzyk. Analizowane są możliwości organizacyjnego oraz techniczne dla celów inwentaryzacji posiadanych zasobów teleinformatycznych ze szczególnym uwzględnieniem automatyzacji powiadamiania o zachodzących zmianach oraz wersjonowaniu.

The authorization management system for ICT and organizational resources is being assessed.

Audit of elements that have a significant impact on safety.

The audit covers a set of elements that have a significant impact on the safety of the Unit, with particular emphasis on:

  • quality and scope of employee training,
  • distance work,
  • data processing using mobile devices,
  • ICT support contracts for hardware and software,
  • backup management,
  • the method of securing information from the technical side,
  • the method of securing information from the organizational side.

WCAG compliance audit

We perform a semi-automatic audit of Web Content Accessibility Guidelines (WCAG) 2.1 for compliance with the standard published by the Web Accessibility Initiative (WAI), containing recommendations for creating accessible websites. From October 15, 2012, the WCAG version 2.0 guidelines gained the status of the international standard ISO / IEC 40500: 2012.

The result is information about the level of compliance of the Office's websites (BIP and website) with the indication of the elements requiring repair.

On special request, the audit is carried out on the basis of scenarios and use cases, by visually impaired, visually impaired, hard of hearing and completely deaf people.