IT Third Party Assessments

After a Gap Analysis, you will know what controls to put in place. Once those controls are implemented, are they consistently being followed? Does each employee know the policies and procedures put in place? An IT Audit will test the controls and make sure they are effectively protecting the organization.

‍

Information Technology Application Controls (ITAC) Audits

ITACs are responsible for protecting the transactions and data associated with a specific software application, are unique to each application, focus on input, processing, and output functions, ensure the completeness and accuracy of records created by the application, the validity of data entered into those records, and the integrity of data throughout the lifecycle. ITAC audits, or information systems audits, examine the management controls IT infrastructure and business applications. Stetson’s team can perform ITAC audits as stand-alone assessments or in conjunction with internal audit, or other form of attestation engagement.

‍

Information Technology General Controls (ITGC) Audits

ITGCs apply to all systems, components, processes, and data for a given organization or information technology (IT) environment. The objectives of ITGCs are to ensure the proper development and implementation of applications, as well as the integrity of programs, data files, and computer operations. As part of an ITGC audit, Stetson will assess your organization’s controls related to logical access over infrastructure, applications and data, system development life cycle, program change management, data center physical security, system and data backup and recovery, and computer operations.