 |
An Information Technology (IT) audit is a review of the controls within an entity’s technology infrastructure and is typically performed in conjunction with a financial statement audit, Sarbanes–Oxley compliance, internal audit review, or other form of attestation engagement. Weaver and Tidwell’s IT audit process is conducted in accordance with the COBIT framework and layered on top of COSO and is focused on the COBIT control objectives. Services include: |
All Layers of the IT Audit Environment
- General computer control reviews
- IT audit testing
- IT security assessment
- Audit of outsourcing arrangements
- Information privacy review
- Enterprise risk management
Database and Critical Applications
- ERP/CRM application controls design and audit
- Custom application controls design and audit
- Application code review
- Data analysis and data mining
- Post implementation review
- IT audit in support of financial audit
Control Environment and all Layers of the IT Audit Environment
- SAS 70 consulting and attestation
- FDICIA compliance
- General control review for Sarbanes-Oxley
Business Control Environment
- IT audit planning services
- IT audit project management
- IT audit policy and procedure development and integration
- Business continuity and disaster recovery planning
Network and Operating System
- Platform specific IT audit services
- Internal host vulnerability assessment
- External penetration assessment
IT Audit Information and Resources
For more information about our internal audit services, contact:
Alyssa Martin, CPA, Partner - Dallas/Fort Worth, Risk Advisory Services at 972.448.6975 or
Brian Thomas, CISA, CISSP, Partner - Houston, Risk Advisory Services at 713.800.1050.