An IT framework is key to a successful audit
Successful organizations understand the benefits of
information technology (IT) and use this knowledge to drive their
shareholders’ value. They recognize IT as a major enabler of the business,
the need to comply with increasing regulatory compliance demands and the
benefits of managing risk effectively. To aid organizations in successfully
meeting today’s business challenges, the IT Governance Institute® (ITGI) has
published version 4.1 of Control Objectives for Information and related
Technology (COBIT®). Entercomp can provide guidance in tailoring COBIT® to
meet your business needs. COBIT® enables clear policy development and good
practice for IT control throughout organizations. COBIT® 4.1 emphasizes
regulatory compliance, and helps organizations increase the value attained
from IT.
Sarbanes Oxley
Section 404 of the Sarbanes-Oxley Act is relevant to
information technology. It requires management to demonstrate that they have
established appropriate "internal controls" to safeguard an organization's
financial processes. The regulation's internal controls requirement specifies
that organizations safeguard financial data that may have a material effect
on financial statements. Entercomp can provide control definition, testing,
and evaluation to meet your SOX requirements.
Financial Institutions
Regulatory Compliance.
Entercomp performs Federal Financial Institutions Examination Council
(FFIEC), TG3 STAR now TR39 and Pulse, Sarbanes-Oxley Act (SOX), and Gramm-Leach-Bliley Act (GLB) IT
reviews/analysis. We test existing controls to assess performance or
work with your organization to implement new policies.
IT Risk Assessment.
Comprehensive planning process that includes an evaluation of the
existing IT infrastructure; alignment of IT systems with core business
objectives (including gap analysis); and development and documentation
of new or revised policies and procedures to address critical issues.
IT Penetration and Vulnerability Testing.
Assistance in or outsourcing
of testing and analyzing system vulnerabilities. We attempt to exploit
weaknesses to determine the potential impact of each issue identified,
including recommendations highlighting remedies to correct the issue(s).
HIPAA
Entercomp Consulting
provides complete information systems review for the HIPAA Security
Rule.
The review consists of:
- Risk analysis
- Security assessment for
  - Administrative safeguards
  - Physical safeguards
  - Technical safeguards
  - Organizational requirements
  - Policies, procedures, documentation
Gramm, Leach, Bliley
The Financial Modernization Act of 1999, also known as the “Gramm-Leach-Bliley
Act” or GLB Act, includes provisions to protect consumers’ personal
financial information held by financial institutions. There are three
principal parts to the privacy requirements: the Financial Privacy Rule,
Safeguards Rule and pretexting provisions.
EnterComp can assist you and provide a proposal of
services with respect to Gramm, Leach, Bliley compliance.
Certified Information Systems Auditor
Since 1978, the Certified Information Systems Auditor (CISA) program,
sponsored by ISACA®, has been the globally accepted standard of
achievement among information systems (IS) audit, control and
security professionals.
CRI Strategic Partner
Our strategic partner Carr, Riggs & Ingram, LLC is a regional
certified public accounting firm with office locations in
Alabama, Georgia, Florida, Tennessee and Mississippi.
Through this alliance, Entercomp and CRI can provide unmatched
IT audit, business solutions and
consulting service.