IBM Premier Business Partner
:: IT AUDIT & COMPLIANCE SERVICES ::
Overview IT Auditing and Risk Assessment Services IT Audit and Compliance Services for Financial Institutions Business Continuity Services Business Continuity Program
Portal Payment Card Industry (PCI) Compliance Services Security Assessment Services IT Compliance Services for Privacy Regulations Computer Forensics and Incident Response
Lighthouse Webcasts
Lighthouse Newsletter
SubscribeView Newsletters
Ask the Experts

IT Auditing and Risk Assessment Services

To better service the compliance and audit needs of our customers, Lighthouse Computer Services has established a strategic partnership with Compass IT Compliance, LLC. The members of Compass IT Compliance, LLC are highly experienced and certified, and the company’s managing partners were formerly senior consultants within the Lighthouse IT Compliance Group.

Identify gaps in internal controls through a comprehensive IT Audit of your organization.

Today more than ever, organizations of all sizes need to assess, manage and monitor risk. Maintaining an in-house IT audit department, though, is a complex and costly endeavor. With companies trying to streamline operations, outsourcing IT Audits is an effective and efficient means to meet business objectives.

Compass IT Compliance, LLC provides experienced, certified IT Auditors to perform your IT audit and risk assessment work at a lower cost than maintaining your own internal auditing staff. By outsourcing your IT Audit requirements to a trusted provider, you can save costs while ensuring complete IT compliance.

Their IT Auditing Services will help your company:

Develop your annual Audit Plan

Evaluate internal controls to identify risks

Assess security compliance with applicable laws and regulations

Reduce the time examiners spend reviewing different areas of your organization during an actual IT audit


Outsource IT Audits.

Save Costs. Protect the Enterprise.

Compass' CISA-certified auditors perform the IT Audit to examine your IT environment and identify gaps in internal controls. By applying the COBIT framework, including the Maturity Model, to all control objectives, their IT Auditors can reduce the time examiners spend reviewing your organization during an actual examination. Compass includes in the deliverables a formal report detailing their findings and recommendations for remediation of IT controls failing an audit. 

Compass provides experienced, certified IT Auditors to work closely with your internal team to perform IT audit work. They will recommend and perform audit procedures approved by your internal audit manager, and/or your Audit Committee. In addition, Compass will work jointly with your internal audit manager to report significant findings to your Board or Audit Committee as needed.

Although Compass IT Compliance's role is one of an independent Audit partner, communication among key stakeholders in your organization will not be compromised. Compass' auditors will document all work and promptly report all control weaknesses to your internal audit manager, Audit Committee, and senior management as directed.

 

Compass Compliance IT Audits:

Methodology and Deliverables

Compass IT Compliance works with your internal auditors to determine the appropriate level of audit coverage for your organization’s IT environment, and to define an effective risk assessment methodology. This methodology provides all stakeholders with objective information to properly prioritize the allocation of audit resources, and includes the following:

• Identification and documentation of your IT 
  infrastructure, applications, operating systems,
  facilities, and key personnel.

• Identification and documentation of significant 
  business processes, implemented controls, 
  and existing risks. 
• Scoring system that ranks and evaluates 
  business and control risks for key business 
  units, departments, products and services. 

• Review of risk assessments and annual risk-
  based audit plans that establish audit 
  schedules, audit cycles, work program scope, 
  and resource allocation for each area audited. 

• Implementation of audit plan through 
  planning, execution, reporting, and follow-up. 
 
• Monthly updates reflecting the status of the 
  audit, as well as used and remaining hours.

 

 

Compass IT Risk Assessment

Assess your organization's IT environment to identify risks and gaps in controls.

In today’s dynamic technology environments, organizations are exposed to many security risks that need to be mitigated by implementing the appropriate level of internal controls. These controls are critical, and have two facets: design of controls and operating effectiveness of controls. 

Compass IT Compliance's IT Risk Assessment inspects the customer’s IT environment, and identifies risks, internal controls, and gaps in controls. Compass applies the COBIT framework to the customer’s environment, including the Maturity Model, to all Control Objectives.

The IT Risk Assessment breaks down the probability and impact of individual risks, and applies the CoBiT® CMM (Capability Maturity Model) to the IT controls in place to mitigate that risk. By doing this, Compass is able to more accurately identify gaps, determine acceptable risk levels, and prioritize remediation tasks with recommendations for the implementation of specific controls for effective IT Risk Management. 

Compass IT Compliance, LLC will also develop written guidelines on the use of risk assessment tools and risk factors, and review these guidelines with your various stakeholders. Their IT Auditors use these guidelines to grade or assess major risk areas and to define the range of scores and assessments.

 

For more information, or to schedule a consultation, please visit Compass IT Compliance, LLC, or call Compass at 888-246-7594.

Home | Company | Practices | Products | Customer Success | News and Events | Careers | Partners | Privacy | Site Map
Copyright©2012  Lighthouse Computer Services, Inc.
Customer Login Employee Login