 |
Informative Articles
|
|
Companies of all sizes use information technology. Most companies are highly dependent, and in some cases totally dependent, on technology for critical aspects of their business including finance, operations, procurement, distribution, and sales, BUT few have the resources for effective IT risk assessment to ensure their data is accurate, available, secure, and un-compromised. Even large companies with IT audit departments struggle to keep their staff trained on all current and emerging technologies.
First hand experience
Having had offices destroyed by a tornado, KraftCPAs knows first hand the critical nature of information asset security. We understand the risks to and vulnerabilities of systems that store, transmit, and process critical information.
Whether through natural disaster, electronic theft, physical loss, or unintentional exposure, having business information compromised or exploited will impact a business. Depending on circumstances, the impact can range from inconvenient to catastrophic.
Ask Yourself
What information is most critical to our organization?
What is the impact of having that information stolen, exposed, lost, or compromised?
Is our critical information secure? How do we know?
Information technology security and IT controls should support and enable business objectives -- not hinder them. Because organizations have unique characteristics and varying degrees of risk tolerance, there is no "one size fits all" solution. We help clients assess risks to their information systems and implement controls to mitigate risk based on their tolerance level.
Sophisticated expertise
KraftCPAs has a team of professionals dedicated to information technology security. Our team includes CPAs, Certified Information Systems Auditors (CISAs), Certified Information Systems Managers (CISMs), and Certified Information Technology Professionals (CITPs). In addition, we have several vendor-specific, technical certifications. We invest heavily in continuing professional education for our team. They are technology, security and audit experts who also understand business.
KraftCPAs IT Audit and Security Services include: - General IT control reviews
- Full IT system audits
- Compliance consulting including Sarbanes Oxley, GLBA, FFIEC, FDIC, and HIPAA
- SAS 70 audits and pre SAS 70 audit consulting
- Information asset risk assessment
- Network penetration and vulnerability assessment
- Social engineering assessment
- Business continuity/disaster recovery planning
- IT audit and security training classes and seminars
For more information on any of the above services,
contact: Steve Lineberry, CISA |
|
|
|
