|
Companies of all sizes use information systems. Most companies are highly dependent, and in some cases totally dependent, on technology for critical aspects of their business including finance, operations, procurement, distribution, and sales; BUT, few have the resources for effective IS risk assessment to ensure their data is accurate, available, secure, and un-compromised. Even large companies with internal IS audit departments struggle to keep their staff trained on all current and emerging technologies. First hand experience Having had an office destroyed by a tornado, KraftCPAs knows first hand the critical nature of information asset security. We also understand the risks to and vulnerabilities of systems that store, transmit, and process critical information. Whether through natural disaster, electronic theft, physical loss, or unintentional exposure, having business information compromised or exploited will impact a business. Depending on circumstances, the impact can range from inconvenient to catastrophic. What information is most critical to your organization? What is the impact of having that information stolen, exposed, lost, or compromised? The larger question is: Is your critical information secure? How do you know? Information systems security and IS controls should support and enable business objectives -- not hinder them. Because organizations have unique characteristics and varying degrees of risk tolerance, there is no "one size fits all" solution to information security. At KraftCPAs, we help clients assess risks to their information systems and implement controls to mitigate risk based on their tolerance level. Sophisticated expertise KraftCPAs has a team of professionals dedicated to information systems security. Our team includes CPAs, certified information systems auditors (CISA) and a certified information security manager (CISM). In addition we have several vendor-specific technical certifications. We invest heavily in continuing professional education for our team. They are technology, security and audit experts who also understand business. Teaming with KraftCPAs enables you to leverage our people, methodologies, technology, knowledge, and expertise. KraftCPAs IS Audit and Security Services include:
- General IS control reviews
- Full IS system audits
- Compliance consulting including Sarbanes Oxley, GLBA, FFIEC, FDIC, and HIPPA
- Service Organization Control (SOC) audits and consulting, including SOC 1, SOC 2 and SOC 3 (formerly SAS 70)
- SOC readiness reviews and gap analysis
- Information asset risk assessment
- Network penetration and vulnerability assessment
- Social engineering assessment
- Business continuity/disaster recovery planning
- IS audit and security training classes and seminars
|
|
