IT Audit and Compliance Services for Financial Institutions

Assess your organization's IT environment to identify risks and gaps in controls.

In today’s dynamic technology environments, organizations are exposed to many security risks that need to be mitigated by implementing the appropriate level of internal controls. These controls are critical, and have two facets: design of controls and operating effectiveness of controls.

The IT Risk Assessment breaks down the probability and impact of individual risks, and applies the CoBiT®CMM (Capability Maturity Model) to the IT controls in place to mitigate that risk. Through the IT Risk Assessment process, Compass IT Compliance, LLC is able to more accurately identify gaps, determine acceptable risk levels, and prioritize remediation tasks with recommendations for the implementation of specific controls for effective IT Risk Management.

Data Loss Prevention (DLP)

Compass' Data Loss Prevention (DLP) Data at Rest assessment services identify where sensitive data resides by crawling through website content, servers and workstations. This assessment service will help management identify where data lives in order to comply with various industry regulations, such as PCI, GLBA and HIPPA.

Web Application Assessment Service (WAAS)

Web Application Assessment Service (WAAS) is designed to identify weaknesses and vulnerabilities commonly found in web applications. Whether bought off the shelf or developed in house, web applications should be regularly assessed to ensure common development flaws and newly discovered vulnerabilities are quickly identified and remediated. Compass' WAAS service ensures compliance with the PCI Data Security Standards.