Back in the days of the dot com boom and the Y2K bug, a view point on the relationship between IS audit and the traditional finance audit was that of an ant on an elephant's back. However today, businesses absolutely depend on systems for product and service delivery with no paper or process based delivery alternatives in place. Further, its purpose for accounting and financial reporting and the use of it as a valuable tool to stay ahead of the competition, has changed things drastically with the IS auditor taking the driver’s seat and the finance auditor, the navigators. This realization has come faster to firms that are technologically sophisticated. They no more believe that IS audit is a cost function and that it brings value in its own ways. Helping you realize these values is our endeavor.
Engage us for the following:
- 1Review your IT Governance and Information Security policies and procedures along with the Risk Management Strategy.
- 2Ensure that your policies are in alignment to a reasonable extent with ISO20000, ISO27001 and ISO22301 framework.
- 3Ensure that sufficient controls have been placed on your network and server infrastructure.
- 4Check that there are enough controls to protect critical and sensitive client information.
- 5Audit all applications and databases for security controls.
Our overall perspection of IS Audit is illustrated in the below image :
- 6Perform a gap analysis on the documentation of all procedures and ensure they undergo document control procedures.
- 7Audit all outsourced IT services by interviewing the vendors and checking their documented procedures.
- 8Ensure that the information systems provide integrity, confidentiality and availability at all time.
- 9Provide support for Regulatory Compliance requirements like SOX, PCI DSS, SAS70, UKPDA, HIPPA among others.
- 10Most importantly, ensure that all of the IT departments activities aligned with the business objectives.