Technology Risk

The integrity of critical business processes depends on trusted information systems and reliable, secure data. Compliance with industry standards strengthens systems and data, enabling companies to appropriately handle security threats and maintain the integrity of computing processes.

Why MorganFranklin?

MorganFranklin helps companies manage technology risks and comply with IT security requirements. We apply proven IT audit, security, and governance frameworks—including COSO, COBIT, ITIL, ISO 27001, NIST SP 800 series, GAIT, and GTAG—to identify and define risks, establish controls, and demonstrate compliance. Our team's certifications include:

  • Certified Internal Auditor (CIA)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Ethical Hacker (CEH)
  • EC-Council Certified Security Analyst (ECSA)
  • Certified Public Accountant (CPA)

Compliance with IT security requirements should not be a roadblock for any organization. But companies must balance the cost of stronger governance, risk, and control measures with the need to drive performance. To extract maximum value from security investments, we work with leadership to communicate the connection between IT security and strategic goals across enterprises.


Capabilities

  • IT audit readiness and testing support
  • SSAE 16 (SOC 1) readiness and audit support
  • SSAE 16 (SOC 2 and SOC 3) readiness assessments
  • Internal audit support
  • Operational and enterprise risk assessments
  • Third-party evaluation of hosted solution service-level agreements (SLAs), including cloud computing
  • Enterprise architecture (EA) risk analysis and remediation
  • Business continuity assessments
  • IT policy and procedure development, documentation, and communication
  • Risk identification and remediation

Impact & Value

  • Develop common framework and risk language
  • Enhance corporate governance
  • Actively monitor processes for compliance issues
  • Bridge the gap between finance and IT
  • Implement repeatable processes that deliver sustainable value
  • Establish discipline around IT transformation