Information Systems Audit and Assurance

Our audit and assuarance services are designed to help your organization fulfill its regulatory and oversight responsibilities. We strive to understand the needs and maturity level of every client organization, and we tailor our work programs to provide the best match for your unique situation. We offer structured audit services based on accepted industry standards and assurance services ranging from penetration testing to black- and white-box software testing. Our audit practice is led by a certified (CISA, CISM, CISSP) audit professional, and our reports conform to Information Systems Audit and Control Association (ISACA) guidelines.

Common Services

  • Community bank information technology audits based on standards published by the Federal Financial Institutions Examination Council (FFIEC)
  • Web application and network penetration testing
  • System and network audits based on National Institute of Standards and Technology (NIST) guidelines
  • Information Security Management Systems audits based on the ISO 27000 series of documents
  • Software development and application security reviews