IT Audits

Identifying problem areas in your technology environment

Integrity’s IT audits are conducted using common security controls, frameworks and industry best practices. These audits provide insight into potential gaps in processes and procedures in technology environments. Integrity’s consultants provide expert opinions on how effectively controls are designed and how efficiently they are working. With this information, organizations are able to make changes to their administrative, physical, and technical controls to better meet business goals, reduce risk, and save money.

People, Processes, and Technology

Audits

Integrity’s audits provide a close view into an organization’s information security posture, risk management, controls, and compliance with security requirements. Audits are designed to identify information security gaps so that the organization can take steps to reduce risks and continually enhance their controls, processes and procedures.

IT Audits

Standards and Controls

  • NIST Special Publication 800-53
  • ISO 27001
  • FFIEC
  • HIPAA
  • PCI

Security Certifications

Auditor Certifications

  • Certified Information Systems Security Professional (CISSP)
  • Certified in Risk and Information Systems Control (CRISC)
  • ITIL®

An IT Audit with Integrity

Integrity focuses on helping to improve each organization’s security program throughout the audit process. An Integrity IT Audit identifies risks and provides recommendations for addressing these risks, helping organizations to make informed decisions about enhancing their overall information security program.

During an audit, Integrity consultants interview an array of employees throughout various departments (i.e., HR, IT, Compliance) in an organization. These interviews deliver insight that goes beyond technology and into the heart of the business.

Integrity uses the responses from the interviews to help validate the controls described in policies and procedures. Once the controls have been reviewed, they are then assessed to determine whether they are meeting the intended purpose as described in the policies and procedures.

When to perform an IT Audit:

After Completion of a New Project

Give your new project the best chance to survive.

Adding a New Service

Introducing a new web app or hosting environment can introduce new vulnerabilities.

Needing Help with Compliance Regulations

Are there rules or regulations that require you to receive an annual audit?

Vendor Management

Your organization is only as secure as its 3rd party vendors.