IT Audit Services
Our IT audit professionals are Certified Information Systems Auditors (CISAs) and have experience working as "Big Four" IT auditors, IT management and internal IT auditors for some of the nation's largest corporations. We are experienced in providing various IT-related services, such as:
IT Audit Staff Augmentation
We can provide IT audit resources to supplement your existing Internal Audit staff. Internally staffing the IT audit function is difficult for companies due to the complexity of most IT environments and requires various technical skill-sets. Our team of CISAs provide an affordable alternative to staffing these resources internally.
IT Risk Assessments
Our IT risk assessments are based on Control Objectives for Information and related Technology (COBIT) issued by the Information Systems Audit and Control Association (ISACA). COBIT provides leading practices for the management of IT processes in a manageable and logical structure by bridging the gaps between business risks, technical issues, and internal control needs. We will assist you in identifying the high-risk areas within your IT universe and creating a risk-based Audit Plan based on this risk assessment.
IT Policy and Procedures
Our team can assist you with development of brand new IT Polices and Procedures from scratch, tailore to the specific needs of your company, or we can review your existing Polices and Procedures and provide feedback to strenghten them.
Regulatory Compliance Reviews
We can assist you in complying with various regulatory requirements by identifying IT-related control gaps and correcting related internal control weaknesses within areas such as:
IT Application Reviews
We can assist you with specialized reviews of your critical applications. Our services include:
IT Infrastructure Reviews
Using industry best practices, policies, procedures, and "hardening" guidelines are documented for each IT infrastructure component. We also provide guidance on selecting and implementing software tools to monitor your IT infrastructure security.
Threat and Vulnerability Assessments
We can evaluate your access security by performing the following: