
|
Today more than ever, organizations of all sizes need to assess, manage and monitor risk. Maintaining an in-house IT audit department, though, is a complex and costly endeavor. With companies trying to streamline operations, outsourcing IT Audits is an effective and efficient means to meet business objectives. |
The Lighthouse IT Audit and Compliance Group provides experienced, certified IT Auditors to perform your IT audit and risk assessment work at a lower cost than maintaining your own internal auditing staff. By outsourcing your IT Audit requirements to a trusted provider, you can save costs while ensuring complete IT compliance. |
Our IT Auditing Services will help your company: |
Outsource IT Audits.
Save Costs. Protect the Enterprise.
| Lighthouse CISA-certified auditors perform the IT Audit to examine your IT environment and identify gaps in internal controls. By applying the COBIT framework, including the Maturity Model, to all control objectives, Lighthouse’s IT Auditors can reduce the time examiners spend reviewing your organization during an actual examination. Lighthouse includes in the deliverables a formal report detailing our findings and recommendations for remediation of IT controls failing an audit. Lighthouse provides experienced, certified IT Auditors to work closely with your internal team to perform IT audit work. Lighthouse will recommend and perform audit procedures approved by your internal audit manager, and/or your Audit Committee. In addition, Lighthouse will work jointly with your internal audit manager to report significant findings to your Board or Audit Committee as needed. |
|
Although Lighthouse’s role is one of an independent Audit partner, communication among key stakeholders in your organization will not be compromised. Lighthouse’s auditors will document all work and promptly report all control weaknesses to your internal audit manager, Audit Committee, and senior management as directed.
|

Lighthouse IT Audits:
Methodology and Deliverables
| Lighthouse works with your internal auditors to determine the appropriate level of audit coverage for your organization’s IT environment, and to define an effective risk assessment methodology. This methodology provides all stakeholders with objective information to properly prioritize the allocation of audit resources, and includes the following: • Identification and documentation of your IT infrastructure, applications, operating systems, facilities, and key personnel. • Identification and documentation of significant business processes, implemented controls, and existing risks. |
| • Scoring system that ranks and evaluates business and control risks for key business units, departments, products and services. • Review of risk assessments and annual risk- based audit plans that establish audit schedules, audit cycles, work program scope, and resource allocation for each area audited. • Implementation of audit plan through planning, execution, reporting, and follow-up. • Monthly updates reflecting the status of the audit, as well as used and remaining hours. |
Lighthouse IT Risk Assessment
|
In today’s dynamic technology environments, organizations are exposed to many security risks that need to be mitigated by implementing the appropriate level of internal controls. These controls are critical, and have two facets: design of controls and operating effectiveness of controls. |
| The IT Risk Assessment breaks down the probability and impact of individual risks, and applies the CoBiT® CMM (Capability Maturity Model) to the IT controls in place to mitigate that risk. By doing this Lighthouse is able to more accurately identify gaps, determine acceptable risk levels, and prioritize remediation tasks with recommendations for the implementation of specific controls for effective IT Risk Management. Lighthouse will also develop written guidelines on the use of risk assessment tools and risk factors, and review these guidelines with your various stakeholders. Our IT Auditors use these guidelines to grade or assess major risk areas and to define the range of scores and assessments. |
![]() IT Auditing & Risk Assessment Services Brochure |
For more information or to schedule a no-cost initial consultation, please contact info@lighthousecs.com or call 888-542-8030 x113.