Book Appointment Now
Our Services
SelahNex Audits provides independent audit, assessment, and readiness services focused on IT, cybersecurity, and compliance risk, excluding certification or attestation audits.
Iterative, risk-based methodology
remote or onsite delivery
our services are delivered in an audit and advisory capacity, with a focus on right-sized readiness and gap identification
ISO/IEC 27001 & Information Security Services
ISO/IEC 27001 internal audits (first-party)
ISO/IEC 27001 gap assessments and certification readiness reviews
ISMS documentation review and conformity assessment
Supplier and third-party information security audits aligned to ISO/IEC 27001
Control effectiveness reviews aligned to ISO/IEC 27001 and related information security standards
Services are provided independently and do not include certification decisions, which remain the responsibility of accredited certification bodies.
Independent, no-obligation discussion to confirm scope and fit
SOX IT Audit & Compliance Support (ITGC & ITAC)
SOX IT internal audit and assessment support (ITGC & ITAC)
SOX IT General Controls (ITGC) testing and walkthroughs
Access management, change management, and backup & recovery control testing aligned to SOX requirements
Evidence review and validation support for audit readiness
Deficiency identification and reporting support for management and external auditors
Services support management’s SOX compliance efforts and do not replace the role of external auditors or management responsibility.
Independent, no-obligation discussion to confirm scope and fit
SOC 1 & SOC 2 Audit Support
SOC control walkthroughs and design discussions
Evidence request coordination and validation support
Control testing support for SOC engagements under service auditor direction
SOC audit readiness and assessment support (no attestation or opinion issued)
Services do not include issuing SOC reports, attestation opinions, or acting as the service auditor of record.
Independent, no-obligation discussion to confirm scope and fit
HIPAA Security & Privacy Readiness Services
HIPAA Security Rule risk assessments
HIPAA audit readiness and preparedness reviews
Administrative, technical, and physical safeguard assessments aligned to HIPAA requirements
Third-party and vendor HIPAA security posture assessments
Services are limited to assessment and readiness activities and do not constitute legal advice, certification, or regulatory determination of HIPAA compliance.
Independent, no-obligation discussion to confirm scope and fit
Governance, Risk & Compliance (GRC) Services
Enterprise and IT risk assessments
Control design adequacy and operating effectiveness reviews
GRC program maturity and capability assessments
Policy, standard, and risk register review and alignment assessments
Framework mapping across ISO/IEC 27001, SOC, SOX, and HIPAA requirements
Services are advisory and assessment-based and do not include control implementation or assumption of management responsibility.
Independent, no-obligation discussion to confirm scope and fit
Additional Assessment Areas
AI governance and risk assessments aligned to ISO/IEC 42001 principles and guidance
Cloud security and control assessments for AWS, Azure, and GCP environments
Cloud control reviews aligned to ISO/IEC 27001, SOC, and CIS benchmarks
Emerging technology risk and control assessments
Services are limited to independent assessments and reviews and do not include system implementation, operation, managed services, or certification decisions.
Independent, no-obligation discussion to confirm scope and fit
Certification and attestation audits (including ISO/IEC 27001, SOX, SOC certifications and similar conformity assessments) are performed only under engagement with accredited certification bodies or other appropriately licensed assurance providers. Any formal certification, opinion, or attestation remains solely the responsibility of those bodies.
Because cybersecurity is a shared responsibility, SelahNex Audits was built with underserved organizations in mind. We offer bona fide pro bono audit and assessment services at no cost to qualified nonprofit organizations, subject to defined scope and volunteer availability. These engagements help organizations understand their risk and control posture and support preparation for audits with recognized certifying bodies.
Priority
Our clients are our priority
At SelahNex Audits, we recognize that every organization and every engagement presents a distinct risk and operating context.
Each engagement is approached as an independent project, shaped by the organization’s environment, risk profile, objectives, and constraints. We take the time to understand this context, tailor our procedures accordingly, and communicate clearly throughout the engagement.
Our priority is not volume or speed, but the delivery of independent, practical insight that supports informed decision-making and long-term trust. We earn that trust through objectivity, transparency, and consistent quality across all audit and assessment work.