IT Audit & Technology Risk

The integrity of critical business processes is dependent upon trusted information systems and reliable and secure data. For those handling confidential, private, and sensitive data and communications, compliance with industry standards gives customers, investors, and other stakeholders greater confidence that the growing list of security threats is being handled. We help clients deliver this confidence.

Why MorganFranklin?

MorganFranklin provides IT audit and related technology risk management services. We apply proven IT audit, security, and governance frameworks such as COSO, COBIT, ITIL, ISO 27001, NIST 800 series, GAIT, and GTAG to help clients identify and define risks, establish controls to mitigate them, and apply frameworks for demonstrating compliance. Our staff brings qualifications and certifications including CIA, CISA, CISSP, CEH, and CPA.

Our consultants believe that compliance with IT security requirements should not slow companies down. We are conscious of the need to balance the cost of stronger governance, risk, and control measures with the need to drive performance. We do this by ensuring that the connection between IT security and strategic goals is clear and communicated across the enterprise. This approach, combined with technical expertise in all aspects of IT audit and security, makes us an ideal partner for companies seeking to get the most value from their security investments.

Capabilities

IT audit readiness and SSAE 16 (formerly SAS 70) IT audit support
IT security policy development, documentation, and communication
Third-party evaluation of service-level agreements (SLAs) related to hosted solutions, including cloud computing
Entity-level controls support
SOX and A-123 compliance
Specialized security assessment of interfacing systems
Privacy and confidentiality assessment
IT security services
IT operations assessment
Enterprise architecture (EA) risk analysis and remediation
Business continuity assessment