System Access & Security Audit

A leading Australian medical imaging provider managing vast amounts of sensitive health data needed to strengthen its cybersecurity framework. Challenges included fragmented system ownership, weak access controls, inactive user accounts, and legacy systems — all creating risk for data privacy and compliance.

Tranzformd’s Technical Business Analyst led a comprehensive audit of over 200 systems within the User Identity and Access Management stream. We mapped business processes, inventoried system usage, and analysed account activity and security settings. Identifying gaps like missing MFA, inactive accounts, and legacy systems, we developed tailored remediation plans prioritised by risk and ease of action. We also coordinated validation and safe decommissioning of obsolete systems.

The organisation gained a validated system access register, removed numerous risk or unused systems, and standardised access policies. These actions strengthened its cybersecurity posture and improved audit readiness, supporting compliance and reducing risk in handling sensitive health data.