IT Audit & Consulting Services
Our goal is protecting yours
Is your critical information secure? How do you know?
Information technology controls should support and enable business objectives — not hinder them. Because organizations have unique characteristics and varying degrees of risk tolerance, there is no “one size fits all” solution. At KraftCPAs, we help clients assess risks to their information systems and implement controls to mitigate risk based on their tolerance level.
Because of our team’s extensive IT internal audit experience, clients often turn to KraftCPAs to provide the hard-to-find technology and IT audit expertise that is typically not available or easily retained in most organizations’ internal audit departments.
KraftCPAs’ IT risk assessment procedures are designed to accommodate the objectives of the company and any applicable regulatory agencies. The security of your information systems is a crucial component of IT risk and is key to protecting your company and your customers.
- is enterprise-wide in scope (covering management, technical and operational controls)
- is based on a documented risk assessment
- includes analysis of controls, policies, procedures and security measures
- is customizable to meet your needs
Our team is able to provide a variety of IT audit and consulting services, including, but not limited to:
- IT Risk Assessments & Audits
- IT General & Application Control Reviews
- Information Security Audits & Assessments
- Network and Cyber Security
- Network Vulnerability Testing
- Penetration Testing (External, Internal, Wireless, Web Application)
- Social Engineering
- HIPAA, HITECH & HITRUST Compliance Assessment
- IT Policies and Procedures Review & Assessment
- Payment Card Industry (PCI) DSS Compliance Reviews (All entities that accept credit card payments are subject to PCI compliance.)
- Governance Risk Management and Compliance (GRC)
- Enterprise Risk Management (ERM)
- Together with our affiliate, Kraft Analytics, LLC, we are able to offer data analysis and analytics.
- FFIEC Audits
- Business Continuity & Disaster Recovery Plan Facilitation & Testing
- FISMA, NIST, ISO 27001 Compliance Assessments