IT Audit & Technology Risk

We are far from a ‘paperless’ world some said would happen with the computer, but the way we do business has changed forever — and so have the risks.

MorganFranklin's IT Audit and Technology Risk services are designed to help strengthen information technology general control processes and related security configurations of the infrastructure. We provide cost effective solutions to help companies maintain the integrity of critical data through examining key infrastructure elements including the network, operating systems, databases and applications and ensure consistency of process execution for administration of system users and configuration changes. Our IT Audit and Technology Risk services consist of:

• IT Audit Services — Compliance focused solutions focused on the integrity of critical data through examining key infrastructure elements including the network, operating systems, databases and applications. IT processes are closely evaluated from a design and operating effectiveness perspective to ensure consistency of process execution for the administration of system users, management of configuration changes and effective data center operations.
• IT Security Services — Specialized security assessments of customer and business partner interfacing systems such as electronic funds transfer (EFT), electronic data interchanges (EDI), web portals, trading and information exchanges, and secured communication and storage of information subject to privacy regulations.
• IT Shared Services internal control assessments (similar to SAS70) — An operational focused control assessment based upon the CobIT framework for IT general controls and related applications. A key element is the identification and testing of automated application controls which are critical to effective processing of transactions by users of the shared applications. Our focus is on pre-assessments and audit support to ensure readiness for formal SAS70 examinations.