MorganFranklin provides IT audit and related technology risk management services. We apply proven IT audit, security, and governance frameworks such as COSO, COBIT, ITIL, ISO 27001, NIST 800 series, GAIT, and GTAG to help clients identify and define risks, establish controls to mitigate them, and apply frameworks for demonstrating compliance. Our staff brings qualifications and certifications including CIA, CISA, CISSP, CEH, and CPA.
Our consultants believe that compliance with IT security requirements should not slow companies down. We are conscious of the need to balance the cost of stronger governance, risk, and control measures with the need to drive performance. We do this by ensuring that the connection between IT security and strategic goals is clear and communicated across the enterprise. This approach, combined with technical expertise in all aspects of IT audit and security, makes us an ideal partner for companies seeking to get the most value from their security investments.
- IT audit readiness and SSAE 16 (formerly SAS 70) IT audit support
- IT security policy development, documentation, and communication
- Third-party evaluation of service-level agreements (SLAs) related to hosted solutions, including cloud computing
- Entity-level controls support
- SOX and A-123 compliance
- Specialized security assessment of interfacing systems
- Privacy and confidentiality assessment
- IT security services
- IT operations assessment
- Enterprise architecture (EA) risk analysis and remediation
- Business continuity assessment
Impact & Value
- Align IT security plans with business goals
- Develop common framework and risk language
- Enhance corporate governance
- Actively monitor processes for compliance issues
- Bridge the gap between finance and IT
- Implement repeatable processes that deliver sustainable value
- Establish discipline around IT transformation
Pros and Cons of Fixed-Price Contracts in Consulting
Ensuring Loss of Resources Does Not Equal Loss of Knowledge
Submit a request for proposal.