What do we offer?
The Recommendation D audit is aimed at financial institutions and companies working with banks. Its purpose is to assess several areas, including data quality and security, compliance with the Personal Data Protection Act, IT system security, data exchange, and audit frequency policies. It is crucial that this audit is carried out by professional external auditors who ensure confidentiality throughout the process and provide an objective evaluation of the implementation of Recommendation D.
We offer a professional Recommendation D audit, which includes documentation analysis and the preparation of a report with recommendations. We will advise you on managing your IT and information security infrastructure.
Take advantage of our expertise and raise your information security management standards.
How do we work?
1. Documentation analysis
After assigning the audit team and defining the audit procedures, we will begin analyzing the provided documentation, including policies, plans, control records, instructions, licenses, specifications, and risk analysis results. We will assess the level of compliance of the submitted documents with the recommendations from the Polish Financial Supervision Authority (KNF). We will ensure that the entire process runs smoothly and successfully, without disrupting the day-to-day operations of your organization.
2. Preparation for the audit
We will identify the organizational units subject to the audit based on the areas defined in Recommendation D and develop an audit plan. We focus on open communication and partnership, so during the opening and closing meetings of the audit, we will address any questions and clarify any unclear issues.
3. Conducting the audit
We will assess the current situation and the applied security measures, and conduct the audit using tools such as documentation analysis, surveys, checklists, and penetration testing. We will analyze, among other things, the methods of ensuring security during information exchange, technical standards, and communication and encryption protocols. Additionally, we will conduct interviews with employees.
4. Development of results
You will receive an audit report from us, confirming compliance with Recommendation D. It will highlight areas where non-compliance was identified, as well as solutions that will help your organization achieve compliance with Recommendation D. We want your organization to gain practical insights, so the report will be presented in a user-friendly format. Additionally, our consultants and auditors will be available to assist you.
What else do we offer?
We can help implement a complete Information Security Management System (ISMS) in your organization, or individual components of it. Check out our offer for other services related to Information Security Management.
Comprehensive implementation of ISMS
Information Security Audit
Information Security Risk Analysis
ISO 27001 Compliance Audit
ISO 27001 Implementation
ISMS Documentation
ISO 27001 Certification
KRI Audit
Information Security Training
TISAX Implementation
Why us?
Knowledge and Experience
Individual Approach
Favorable conditions
Business-Oriented Approach
Key questions about the compliance audit with Recommendation D
What is a Compliance Audit with Recommendation D?
Let’s start by explaining what Recommendation D is.
It is a document developed in 2013 by the Polish Financial Supervision Authority (KNF), and it pertains to the operations of banks, particularly the management and security of information technology systems.
A compliance audit with Recommendation D assesses whether institutions ensure the security of their information technology systems.
How Much Does a Compliance Audit with Recommendation D Cost?
The cost of a compliance audit with Recommendation D depends on several factors, such as the size of the organization, the specifics of its activities, market conditions, regulations, and the complexity of the processes involved. The number of locations and the expected project timeline are also important, as they influence the cost structure and final price. Each audit is priced individually based on the scope of needs and the preferred schedule.
How long does the compliance audit with Recommendation D take?
The compliance audit with Recommendation D typically takes about 4 weeks, but the exact duration depends on the size of the organization and the specifics of the project. We adjust the schedule to the individual needs of your organization.
What is the scope of activities in the compliance audit with Recommendation D?
STAGE I. Documentation Analysis
STAGE II. Audit Preparation
STAGE III. Audit Execution
STAGE IV. Results Development