|
Companies of all sizes use information technology. Most companies are highly dependent, and in some cases totally dependent, on technology for critical aspects of their business including finance, operations, procurement, distribution, and sales; BUT, few have the resources for effective IT risk assessment to ensure their data is accurate, available, secure, and un-compromised. Even large companies with internal IT audit departments struggle to keep their staff trained on all current and emerging technologies.
First hand experience
Having had an office destroyed by a tornado, KraftCPAs knows first hand the critical nature of information asset security. We also understand the risks to and vulnerabilities of systems that store, transmit, and process critical information.
Whether through natural disaster, electronic theft, physical loss, or unintentional exposure, having business information compromised or exploited will impact a business. Depending on circumstances, the impact can range from inconvenient to catastrophic.
What information is most critical to your organization? What is the impact of having that information stolen, exposed, lost, or compromised? The larger question is:
Is your critical information secure? How do you know?
Information technology security and IT controls should support and enable business objectives -- not hinder them. Because organizations have unique characteristics and varying degrees of risk tolerance, there is no "one size fits all" solution to information security. At KraftCPAs, we help clients assess risks to their information systems and implement controls to mitigate risk based on their tolerance level.
Sophisticated expertise
KraftCPAs has a team of professionals dedicated to information technology security. Our team includes CPAs and Certified Information Systems Auditors (CISAs). In addition we have several vendor-specific technical certifications. We invest heavily in continuing professional education for our team. They are technology, security and audit experts who also understand business. Teaming with KraftCPAs enables you to leverage our people, methodologies, technology, knowledge, and expertise.
KraftCPAs IT Audit and Security Services include: - General IT control reviews
- Full IT system audits
- Compliance consulting including Sarbanes Oxley, GLBA, FFIEC, FDIC, and HIPPA
- SAS 70 audits and pre SAS 70 audit consulting
- Information asset risk assessment
- Network penetration and vulnerability assessment
- Social engineering assessment
- Business continuity/disaster recovery planning
- IT audit and security training classes and seminars
|
|
Steve Lineberry, CISA, NSA-IAM, IEM
