The exponential speed of change in technology has caused a disruption across many industries; and impacted entire corporate systems
including production, management, and governance. This fast pace of change will bring many benefits, but they will also present many known and unknown risks. If managed well, they have the potential
to give rise to innovation that will drive economic growth and social impact. If not handled appropriately, such as the rising threat of cyber attacks, they could derail these
benefits. Businesses that embrace these developments, anticipate challenges, and deal with them in a strategic way are more likely to prosper, while those that do not will more likely
fall behind and into non-existence.
At the core of today's highly connected global economy, the high velocity of information technology change requires organizations to know how to strategically leverage technology. However, it is incumbent upon management to have the proper response in the form of controls to combat the ever-changing risks presented by these technological advancements. Our guidance and expertise as an IT auditor and subject matter expert support you to achieve these control objectives.
Today very few companies are able to attract, hire and retain the internal audit resources they require on a full-time basis. As a result, it is virtually impossible for many organizations to fully execute their risk-based audit plans on a year-to-year basis. We have significant experience and proven solutions to help organizations perform a myriad of information technology (IT) audits and assessments. We supply the knowledge and utilize the best "tools of the trade" to automate and execute internal audit plans in an efficient manner at a reduced cost.
Our professionals follow a proven methodology for application control audits based upon the Institute of Internal Auditors (IIA) Global Technology Audit Guide (GTAG). Following such guidance provides additional assurance that the required application controls are configured correctly and will perform consistently as intended by management. In addition, we document logical security and general controls with an auditor's perspective and experience. The following services are a sample of the ERP application control audits we perform on a regular basis.
IT risk assessments are one of the most vital elements of Enterprise Risk Management (ERM) process of any organization of any size. Through risk identification and documentation, an organization can better determine the extent of potential losses and the likelihood they will occur based upon management’s tolerance of risk and risk response in the form of controls. Our experienced, credentialed IT consultants and auditors have engaged in a significant number of IT risk assessments by utilizing a blend of interviews, surveys, and other techniques to determine the areas of highest IT risks.
Compu-Netics works hand-in-hand with and supports your organization in the development, implementation, maintenance and testing of Business Continuity Plans (BCP) and Disaster Recovery (DR) Plans. These services include such components as risk assessments, business impact analysis (BIA), plan development and documentation, table-top testing exercises, quarterly or annual full testing, and results assessments.
The FFIEC, banking and non-traditional lender regulatory bodies (OCC, FDIC, NCUA, FRB and CFPB) require periodic audits of the information technology (IT) control environment in order to ensure these regulated organizations adhere to the appropriate set of FFIEC guidelines and that IT controls are well designed and operating effectively in the ever-changing world of information technology. Compu-Netics has significant experience in performing these required IT audits, particularly with community banks. The majority of our banking IT audits cover the following: