The exponential speed of change in technology has caused a disruption across many industries; and impacted entire corporate systems including production, management, and governance. This fast pace of change will bring many benefits, but they will also present many known and unknown risks. If managed well, they have the potential to give rise to innovation that will drive economic growth and social impact. If not handled appropriately, such as the rising threat of cyber attacks, they could derail these benefits. Businesses that embrace these developments, anticipate challenges, and deal with them in a strategic way are more likely to prosper, while those that do not will more likely fall behind and into non-existence.

At the core of today's highly connected global economy, the high velocity of information technology change requires organizations to know how to strategically leverage technology. However, it is incumbent upon management to have the proper response in the form of controls to combat the ever-changing risks presented by these technological advancements. Our guidance and expertise as an IT auditor and subject matter expert support you to achieve these control objectives.

 

Information Technology Audit Outsourcing and Co-Sourcing

Today very few companies are able to attract, hire and retain the internal audit resources they require on a full-time basis. As a result, it is virtually impossible for many organizations to fully execute their risk-based audit plans on a year-to-year basis. We have significant experience and proven solutions to help organizations perform a myriad of information technology (IT) audits and assessments.  We supply the knowledge and utilize the best  "tools of the trade" to automate and execute internal audit plans in an efficient manner at a reduced cost.

 

 

ERP Application Controls Consulting

Our professionals follow a proven methodology for application control audits based upon the Institute of Internal Auditors (IIA) Global Technology Audit Guide (GTAG). Following such guidance provides additional assurance that the required application controls are configured correctly and will perform consistently as intended by management. In addition, we document logical security and general controls with an auditor's perspective and experience. The following services are a sample of the ERP application control audits we perform on a regular basis.

  • User access Segregation of Duties / User Access Security Auditing (Application, OS, and Database)
  • Automated (Configurable) Application Controls Consulting and Testing.
  • ERP Application Security and Control Design/Optimization – identify risks, identify indicators of control inefficiency (e.g. overreliance on manual controls, design and deploy a control optimization strategy with management and IT.
  • "Pre and Post" application implementation System Development Lifecycle Consulting and Audits.

 

Information Technology (IT) Risk Assessments

IT risk assessments are one of the most vital elements of Enterprise Risk Management (ERM) process of any organization of any size. Through risk identification and documentation, an organization can better determine the extent of potential losses and the likelihood they will occur based upon management’s tolerance of risk and risk response in the form of controls. Our experienced, credentialed IT consultants and auditors have engaged in a significant number of IT risk assessments by utilizing a blend of interviews, surveys, and other techniques to determine the areas of highest IT risks.

 

 

Business Continutity and Disaster Recovery Reviews

Compu-Netics works hand-in-hand with and supports your organization in the development, implementation, maintenance and testing of Business Continuity Plans (BCP) and Disaster Recovery (DR) Plans. These services include such components as risk assessments, business impact analysis (BIA), plan development and documentation, table-top testing exercises, quarterly or annual full testing, and results assessments.

 

 

Federal Financial Institutions Examination Council (FFIEC)

The FFIEC, banking and non-traditional lender regulatory bodies (OCC, FDIC, NCUA, FRB and CFPB) require periodic audits of the information technology (IT) control environment in order to ensure these regulated organizations adhere to the appropriate set of FFIEC guidelines and that IT controls are well designed and operating effectively in the ever-changing world of information technology. Compu-Netics has significant experience in performing these required IT audits, particularly with community banks. The majority of our banking IT audits cover the following:

  • Information Technology General Computer Controls
  • eBanking
  • Information Security Program Development and Assessment
  • GLBA Program Development and Assessments
  • Vendor Management Program Development and Assessments
  • Internal Network Security Reviews
  • External Network Security Reviews
  • Social Engineering
  • Information Technology (IT) Risk Assessments
Print Print | Sitemap
IT Compliance Services by Compu-Netics, LLC - All Rights Reserved © 2019