|
|||||
IT Auditing |
|
|
|||||||
|
ALP's risk-based IT audit approach identifies nine key IT process areas, such as Change Control and Application Controls, that must be evaluated prior to expressing an opinion on the overall effectiveness of the internal control environment. For each of these nine IT processes, specific control objectives have been identified. These control objectives have universal applicability for any company that strives to publish accurate financial statements. For example, one specific Control Objective in the “Applications Controls” section would include the following: Provide assurance that each critical application has a security methodology in place so that:
Recognizing the need for an integrated and SOX-compliant approach to the evaluation of IT controls over financial reporting, ALP developed a detailed, risk-based approach to auditing IT systems and applications for Sarbanes-Oxley compliance. We utilize the COBIT® and COSO® frameworks to understand, document and test the linkage between IT processes and financial system controls. This approach results in true “value-added” audits that address risks specific to your information systems environment(s) and eliminates unnecessary control objectives from the scope of our review, saving you money, and is consistent with SEC and PCAOB requirements and directives. We have extensive Sarbanes-Oxley and IT auditing experience in the financial services, manufacturing, banking and higher education environments. Some of the clients we've worked with include the University of Texas, Texas State Bank, Tecumseh Products, Gibraltar Steel, Coachmen, Franklin Electric and Zwick Roell. Download a brochure about our IT Audit capabilities here: |
||||||
|
||||||