IT Solutions

Are your information system controls aligned with the organization’s short and long term business objectives? Do they protect your organization from security threats as well as help you comply with increased internal and external demands, and regulatory requirements?  At a time when business fraud has spurred increased regulations, designing, documenting, and monitoring effective IS controls are vital to an organization’s success. Compliance with legislation such as the Sarbanes-Oxley Act has increased the overall scrutiny and disclosure of financial reporting, causing companies to reexamine their IS systems.

Our comprehensive services range from:

    •  IS risk assessments

    •  Information system controls reviews

    •  Network and application security reviews

    •  Regulatory compliance reviews including:

          ◦  Sarbanes-Oxley

          ◦  FFIEC

          ◦  Gramm-Leach-Bliley Act

          ◦  Patriot Act

          ◦  HIPAA

As an example, during a general controls review, we will:

    •  Assess IS control policies and procedures.

    •  Conduct in-depth evaluation of manual and automated IS controls.

    •  Benchmark controls against industry best practices.

    •  Assess exposures to your Internet-based initiatives.

    •  Review your environmental controls, including physical security.

    •  Interview IS management and departmental end-users.

    •  Review your business continuity and disaster recovery plans.

Your project will be broken into three phases: project planning and risk assessment, documentation and analysis, and internal controls monitoring and reporting.  Our integrated approach ensures that all parties who have a stake in your internal controls agree with our methodology and process in order to fully address operational, compliance and financial reporting controls to improve efficiencies and effectiveness.  The end result will be enhanced capabilities to capture revenue, reduce cost, and detect issues before they become problems.