Security. Audit. Compliance.

© 2018 SecureIT All Rights Reserved.

Phone: 703.464.7010

eBook: Transforming Audit for the Cloud 

Access proven best practices and valuable insights from industry leaders that will propel success with your cloud audit

Moving to a Threat-Based Approach

What's New & Key Differences

Approach & Collabration Strategy 

IT Audit Experts for Your Evolving Enterprise 

Independent audit and assessment provides management with the assurance that IT controls are designed appropriately and operating effectively. SecureIT’s CISA and CISSP consultants rely on deep technical skills and industry knowledge to understand requirements, assess and evaluate security postures, and provide cost-effective recommendations when deficiencies are found.

IT Audit Co-sourcing/Outsourcing: we invest heavily in ongoing training of our CISAs and CISSPs — so you don’t have to. In fact, we encourage our clients to leverage our people, methodologies, technology, knowledge, and expertise on their own behalf. Depending on your needs, we can perform single audits encompassing all areas of technology or a comprehensive series of audits scheduled throughout the year. We can also provide experienced professionals to supplement your existing IAD resources and help transfer knowledge and build skills internally within your team. SecureIT's flexible delivery model can support both standard staff augmentation and customized staffing models, such as SME support for technical audits or even full audit teams that will independently plan, execute, report, and oversee the audit. Our IT audit consultants have the skills and experience to address the full range of IT audits, including the following technologies and process audits:

Compliance Audits: we perform independent third-party assessments for a range of security and IT governance related compliance standards. Alternatively, our professionals can advise our clients on security gaps and program enhancements that are required to address compliance requirements and guide remediation actions when gaps are identified. SecureIT’s compliance audit services encompass the following compliance standards:

^{Earlier this year, SecureIT convened a roundtable discussion with Internal IT Audit leaders from leading financial services firms.  In a lively discussion, participants shared key challenges facing IT Audit with respect to cloud computing and offered suggestions for transforming audit practices for the cloud.}

^{The eBook is a must read for increasing IT Audit's success in planning, executing, and monitoring cloud audit initiatives.}  

What Skills are Critical to Success

• Cloud computing
• Cybersecurity
• Security logging, event management & monitoring
• UNIX and Windows servers
• Database platforms
• Web infrastructure & applications
• Virtualization

• Network security & operations
• Configuration management
• System resilience, backup & recovery
• Agile development and DevOps
• IT risk management and governance
• Data management
• Application security & data integrity

• FISMA and NIST 800-53
• FedRAMP
• NIST 800-171
• SOC
• ISO 27001/27002

• Sarbanes Oxley (management testing)
• PCI DSS
• HIPAA/HITECH
• FFIEC

External Audit Support: we work closely with our CPA partners to bring our IT audit expertise to SOX and financial statement audits. Our consultants assess and test IT controls (including both automated application controls and IT general controls) that support reliable financial reporting. SecureIT can also assist CPA firms performing SOC audits by leveraging our information security knowledge to assess and test controls related to Trust Services Criteria or Cybersecurity.

Audit Liaison: we act as facilitator, interpreter, and liaison between our clients and their auditors and regulating authorities. Our experienced consultants can simplify the audit process for IT, create efficiencies, and lessen the load on IT personnel during the audit. SecureIT can also conduct audit readiness reviews to identify and mitigate risks before the auditors and regulators arrive.