IBM Premier Business Partner
:: IT AUDIT & COMPLIANCE SERVICES ::
Overview IT Auditing and Risk Assessment Services IT Audit and Compliance Services for Financial Institutions Business Continuity Services Business Continuity Program
Portal Payment Card Industry (PCI) Compliance Services Security Assessment Services IT Compliance Services for Privacy Regulations Computer Forensics and Incident Response Customer Success Stories Project Management
Lighthouse Webcasts
Lighthouse Newsletter
SubscribeView Newsletters
Ask the Experts

 

Today more than ever, organizations of all sizes need to assess, manage and monitor risk. Maintaining an in-house IT audit department, though, is a complex and costly endeavor. With companies trying to streamline operations, outsourcing IT Audits is an effective and efficient means to meet business objectives.

The Lighthouse IT Audit and Compliance Group provides experienced, certified IT Auditors to perform your IT audit and risk assessment work at a lower cost than maintaining your own internal auditing staff. By outsourcing your IT Audit requirements to a trusted provider, you can save costs while ensuring complete IT compliance.

Our IT Auditing Services will help your company:

Develop your annual Audit Plan

Evaluate internal con- trols to identify risks

Assess security com- pliance with applicable laws and regulations

Reduce the time ex-
aminers spend review- ing different areas of your organization during an actual IT audit


Outsource IT Audits.

Save Costs. Protect the Enterprise.

Lighthouse CISA-certified auditors perform the IT Audit to examine your IT environment and identify gaps in internal controls. By applying the COBIT framework, including the Maturity Model, to all control objectives, Lighthouse’s IT Auditors can reduce the time examiners spend reviewing your organization during an actual examination. Lighthouse includes in the deliverables a formal report detailing our findings and recommendations for remediation of IT controls failing an audit.

Lighthouse provides experienced, certified IT Auditors to work closely with your internal team to perform IT audit work. Lighthouse will recommend and perform audit procedures approved by your internal audit manager, and/or your Audit Committee. In addition, Lighthouse will work jointly with your internal audit manager to report significant findings to your Board or Audit Committee as needed.

 Although Lighthouse’s role is one of an independent Audit partner, communication among key stakeholders in your organization will not be compromised. Lighthouse’s auditors will document all work and promptly report all control weaknesses to your internal audit manager, Audit Committee, and senior management as directed.

 

Lighthouse IT Audits:

Methodology and Deliverables

Lighthouse works with your internal auditors to determine the appropriate level of audit coverage for your organization’s IT environment, and to define an effective risk assessment methodology. This methodology provides all stakeholders with objective information to properly prioritize the allocation of audit resources, and includes the following:

• Identification and documentation of your IT 
  infrastructure, applications, operating systems,
  facilities, and key personnel.

• Identification and documentation of significant 
  business processes, implemented controls, 
  and existing risks. 
• Scoring system that ranks and evaluates 
  business and control risks for key business 
  units, departments, products and services. 

• Review of risk assessments and annual risk-
  based audit plans that establish audit 
  schedules, audit cycles, work program scope, 
  and resource allocation for each area audited. 

• Implementation of audit plan through 
  planning, execution, reporting, and follow-up. 
 
• Monthly updates reflecting the status of the 
  audit, as well as used and remaining hours.

 

 

Lighthouse IT Risk Assessment

In today’s dynamic technology environments, organizations are exposed to many security risks that need to be mitigated by implementing the appropriate level of internal controls. These controls are critical, and have two facets: design of controls and operating effectiveness of controls.

Lighthouse’s IT Risk Assessment inspects the customer’s IT environment, and identifies risks, internal controls, and gaps in controls. Lighthouse Computer Services applies the COBIT framework to the customer’s environment, including the Maturity Model, to all Control Objectives.

The IT Risk Assessment breaks down the probability and impact of individual risks, and applies the CoBiT® CMM (Capability Maturity Model) to the IT controls in place to mitigate that risk. By doing this Lighthouse is able to more accurately identify gaps, determine acceptable risk levels, and prioritize remediation tasks with recommendations for the implementation of specific controls for effective IT Risk Management.

Lighthouse will also develop written guidelines on the use of risk assessment tools and risk factors, and review these guidelines with your various stakeholders. Our IT Auditors use these guidelines to grade or assess major risk areas and to define the range of scores and assessments.

 

 


IT Auditing & Risk Assessment
 Services Brochure

For more information or to schedule a no-cost initial consultation, please contact info@lighthousecs.com or call 888-542-8030 x113.

Home | Company | Practices | Products | Customer Success | News and Events | Careers | Partners | Privacy | Site Map
Copyright©2010  Lighthouse Computer Services, Inc.
Customer Login Employee Login