Information Systems Auditing
Organizations today are engulfed in a constant state of audit. Between Sarbanes Oxley controls testing, regulatory agency audits, corporate client audits, and internal audit department audits companies are in a constant state of audit with many of these occurring simultaneously and throughout the year. Companies are expected to support more and more audits with fewer and fewer resources.
IntelliGRACS Group can help. We are experienced in preparing for, supporting, conducting, and recovering from audits.
IntelliGRACS can help by:
- Planning or preparing organizations for external audits focused on SSAE16 SOC2, Sarbanes-Oxley, GLBA, PCI, ISO27001/27002, HIPAA, others.
- Planning or preparing organizations for internal audits of your IT, IT Governance, Risk Management, and all components of your Security program.
- Writing of controls, self-test requirements, and identify required supporting documentation
- Recommending or managing remediation steps to correct issues found during audits
- Conducting gap analysis against applicable standards as requested
- Proactively identifying areas that need to be addressed before an audit uncovers the problem
- Conducting audits based on requirements in accordance with IS audit standards, guidelines, and best practices.
- Developing a risk-based IS audit strategy for the organization.
- Planning specific audits to ensure that IT and business systems are protected and controlled.
- Communicate emerging issues, potential risks, and audit results to key stakeholders.