IT Audit and Control/IT Risk and Compliance Consulting

IT Audit and Compliance

  • From end-to-end IT process review, identify areas of critical control gaps
  • Establish mitigating and compensatory controls to address key control gaps as a short-term solution – pre-implementation of long-term solution (automated control)
  • Implement preventive and detective controls in critical systems
  • Review IT control and Security structures to ensure they are optimal – clear of conflict of interest and SoD (Segregation of Duties) concerns among others
  • Review the adequacy of IT Procedures and Policies to help address control deficiencies
  • Review key controls surrounding data security and data integrity in critical business applications
  • Review the adequacy of Disaster Recovery preparedness of the organization - Testing the ability of the organization to return back to operations after major disasters such as fire, flood etc.
  • Conduct a complete data center audit
  • Conduct security audit of your network and IT infrastructure
  • Review the effectiveness of your firewall solutions
  • Ensure UNIX OS vulnerabilities were identified and remediated
  • Review the adequacy of security and control surrounding core financial and mission critical applications
  • Conduct a comprehensive business application audit review
  • To minimize business interruptions, review the adequacy of control surrounding Change management, Problem management and Change control processes
  • etc.