|
|
Insuring Your Success in Meeting Industry Standards and Regulations
|
|
At ECI, we deliver client services that clearly support the values and mission of the your
firm. To assist your company in meeting the demand of your IT risks, our IT Risk Management
Practice has developed a wide range of services, including:
|
- IT Internal Audit Services
We assist in achieving good corporate governance by identifying and assessing IT-related
business risks, resulting in the development and execution of an internal audit plan
designed to mitigate those risks by remediating identified control deficiencies.
- Sarbanes-Oxley IT Services
Assist in the auditing, documentation, testing, and remediation of IT control
deficiencies to achieve compliance with Sarbanes-Oxley regulations.
- SAS-70 Services
Assist outsource service companies with SAS-70 audit readiness for attestation, as a
demonstration of effective IT controls and control activities.
- Reg./Industry Compliance Assessments
Such audit assessments might include: SOX, PCI-DSS, HIPAA, ISO-27001, BS-25999, and ITIL.
- Physical/Logical Security Assessments
Provide organizations with a professional assessment of their corporate IT policies and procedures, as well as their environmental, perimeter,
and logical IT security infrastructure.
- Application Control and ERP Reviews
Assist in the auditing, testing and mitigation of business system risks associated with
the use of key business software, as well as assuring the effective use of computer system
controls and security measures.
|
In addition to our ERM services, ECI offers:
|
|
|
|
