|
Solutions and Services
 I.T.
REVIEW AND AUDIT
a. IS REVIEW
The process of reviewing the client's information systems
facilities in light of acceptable operating procedures and
insuring that the site is safe and secure, and that processes
conform to generally accepted practices is called the
Information Systems Review. The review also attempts to insure
that there is proper back-up of program and information files,
an alternate processing site, and that the facilities have
been properly tested. The firm will review security
procedures, passwords, access codes, and so forth.
The IS Review is an interview and walk-through process. The
interviewer does not validate all the answers given, but
simply records and observes with random checks for security. A
walk-through is done to validate that terminals and printers
are secure, and that confidential data is being managed
properly.
b. IS
AUDIT
The IS Audit more closely represents the processes of the
traditional accounting audit in terms of the expertise and
resources required. The IS Audit begins with the same
interview approach as the IS Review. After the interviews are
completed, the firm then validates the information provided to
the degree possible. All facets of operations are reviewed and
observed.
A successful information technology audit appropriately
assesses technology risks and the control environment as they
relate to critical business processes. Our expertise and
methodologies in IT audit helps our clients realize more
effective and efficient technology controls that better align
with the internal audit functions and IT strategies.
Auditing key IT components to help ensure the integrity and
accuracy of information contained therein is of paramount
importance to all areas of business and industry. We
specialize in effective and technical audits of client
computing platform to ensure the existence of effective
controls.
IS Audit services include:
Professional Auditing Services - we provide a comprehensive
technical review of your computing environment including the
operating systems, network, internet, connectivity, business
continuity planning, vulnerability review, business
applications, change management, IT strategic planning, and
any computing issues that we may deemed appropriate. A formal
management report will be issued to management at the
conclusion of the engagement.
Outsourced Auditing Services - we perform all your IT audits
for you as part of your Internal Audit Process. The number of
IT audits to be performed will be at the discretion of
Internal Audit/Management based on the Audit universe. We will
provide Internal Audit/Management with risk-based software for
audit planning. This would help ensure that appropriate audit
cycle is established for all critical IT audits. Audit
programs and scopes are developed in consultation with
Internal Audit /Management.
Areas of IT Auditing Services:
 |
Application Service Providers/Portal Review |
|
|
Local & Wide Area Network Review |
|
|
COSO Implementation Review |
|
|
SAS 70 Testing and Reviews |
|
|
Sarbanes-Oxley Section 404 Compliance Reviews |
|
|
CoBIT Framework Reviews |
|
|
Network Operating Systems Review |
|
|
Mainframe Operating Systems Review |
|
|
Application Review |
|
|
Data Center Review |
|
|
Security Software Package Review |
|
|
Data Base Management System Review |
|
|
Disaster Recovery Planning Review |
|
|
Risk Management Review |
|
|
Data Processing Acquisition Review |
|
|
Contract Administration Review |
|
|
System Development Life Cycle Review |
|
|
Personal Computer Security Review |
|
|
Data Network Security Review |
|
|
General Controls Review |
|
|
Outsourced Review
|
|
On-Line
Virus Scanning