Information Technology Audit

  • Design and operating effectiveness of IT General controls. This includes:
    • Security Administration
    • Change Management
    • Computer Operations
    • System Development Life Cycle (SDLC) using Agile and Scrum methodologies.
    • Ensuring material weaknesses and Significant Deficiencies are remediated timely.
  • Audit of Data Centers
  • Audit of Vendor Management
  • Audit of Applications to ensure transactions are processed completely and accurately

 

  • Audit of Cybersecurity including:
    • Identity and Access Management
    • Data Security
    • Endpoint Security
    • Security Awareness
    • Incident Management
    • Compliance to PCI and ISO Standards
    • Compliance to Cloud Security Assessment (CSA) of Security Trust & Assurance Registry (STAR) services.
  • Audit of AWS Cloud Security includes the design and controls relating to the following:
    • Shared responsibility model
      • AWS Security Responsibilities
      • Customer Security Responsibilities
    • Identity and Access Management
    • Security of the AWS Cloud
      • Logging and monitoring in the cloud
      • Cloud infrastructure security
      • Data protection in the cloud