IT Audit

Reviewing and reporting on IT Controls has become a requirement for financial institutions in recent years. The necessity to implement stringent IT controls and to regularly report on the effectiveness of those controls is only going to become more burdensome without the right system in place to manage this ever increasing requirement. The Key IT General Controls will include security administration, change management and availability.

 

The general IT Control process consists of the following:

• Identifying sensitive information assets
• Determining the current processes in place used to protect that information
• Implementing controls to test the effectiveness of the implemented processes
• Performing an internal audit/review of the those controls and their effectiveness
• Remediate potentially weak or ineffective controls
• Have an external audit team perform testing and report their findings to senior management and/or the board of directors

At HEIT, our compliance team has extensive experience working with many organizations from Fortune 150 companies to those with fewer than 50 employees. Our team has been on the leading edge dealing with accelerated filers of Sarbanes-Oxley compliance, Gramm-Leach-Bliley, CA SB1386 and the multitude of other regulations that are centered on general security of data relating to financial and customer information.