Information Technology Audit
- Design and operating effectiveness of IT General controls. This includes:
- Security Administration
- Change Management
- Computer Operations
- System Development Life Cycle (SDLC) using Agile and Scrum methodologies.
- Ensuring material weaknesses and Significant Deficiencies are remediated timely.
- Audit of Data Centers
- Audit of Vendor Management
- Audit of Applications to ensure transactions are processed completely and accurately
- Audit of Cybersecurity including:
- Identity and Access Management
- Data Security
- Endpoint Security
- Security Awareness
- Incident Management
- Compliance to PCI and ISO Standards
- Audit of AWS Cloud Security includes the design and controls relating to the following:
- Shared responsibility model
- AWS Security Responsibilities
- Customer Security Responsibilities
- Identity and Access Management
- Security of the AWS Cloud
- Logging and monitoring in the cloud
- Cloud infrastructure security
- Data protection in the cloud
- Shared responsibility model