Information Security Assessments

We help organizations with objective assessments, identify crucial information and key security risks, and assist with the implementation of industry best practice security standards to mitigate these risks:

• Identify, develop and test internal control policies and procedures within business process and information technology environments.
• Help organizations ascertain that logical security tools and techniques are appropriately implemented and configured to ensure complete, accurate, and valid processing or recording of financial information.
• Help organizations ascertain that adequate access restriction mechanisms exist to ensure that significant information resources are not modified inappropriately, disclosed without authorization, and/or unavailable when needed.

Physical Security Assessments

We evaluate clients’ physical security mechanisms to ensure that facilities are appropriately managed to protect the integrity of financial information as it is managed by the relevant components of the IT infrastructure:

• Assess adequacy of the physical security measures for the client’s data centers and/or computer rooms that prevent loss or substitution of data, programs, and output or damage or disruption to the computer facility and equipment and ensure that information resources are available when they are needed.
• Evaluate environmental security measures to ensure that information resources are adequately protected against environmental hazards and related damage.