Information Technology Audit Services

Information Technology (IT) is becoming increasingly important to the business strategy, operations and internal audit of most organizations today. An increased dependency on technology to deliver meaningful benefits to an organization can raise additional issues of security, integrity and control. At Cherry, Bekaert & Holland, L.L.P. (CB&H), we understand how vital it is to manage these business and regulatory concerns. Our IT Audit & Advisory Services Group can help protect your organization’s information systems, and ensure compliance and regulatory requirements.

Our IT assurance professionals have over 20 years of IT control and audit experience working with a diverse and growing client base. This experience and practical knowledge is complemented by professional accreditations, such as Certified Information Systems Auditor (CISA), and affiliations, including membership in the Information Systems Auditing and Control Association (ISACA).

Through our IT Audit Service Group, CB&H can assist clients with a full spectrum of IT assurance services, including technical, operational and security audits. Areas of review include:

• Internal/external information systems audits
• Internet and firewall audits
• Network and data security
• Computer security
• Mainframe computer systems
• Client servers, local and wide area networks
• Information systems policies and procedures
• Disaster recovery and business continuity planning
• E-commerce initiatives
• Data processing by third party administrators (TPA)
• IT audits
• ACH audit services

The integrity of information management and delivery is mission-critical to the stability of each client’s business. CB&H is committed to helping our clients navigate the changing landscape of technology. Our IT assurance professionals can identify, evaluate and recommend solutions to mitigate system vulnerabilities and leverage operational efficiencies across a wide range of service offerings.

IT Audit Services

• SAS 70 Reports:
• Type I – Description of Information Systems Controls
• Type II – Test of Controls
• Information systems general controls and application systems controls reviews
• Technical infrastructure and operational practices review
• ACH internal controls and compliance IT Security Review
• Audit, control and security of systems
• Audit, control and security of networks and firewalls
• Protection of internet systems - Web and email servers

Information System Management

• Strategic management planning and organization of information systems
• Risk assessments
• Business process evaluation
• Review of policies and procedures
• Disaster recovery and business continuity planning
• Security awareness training

E-Commerce

• Internet and e-business application review, evaluation and planning
• Audit, control and security of e-commerce