IT Audit Program

A regional financial institution requested CrossCheck perform an enterprise information technology (IT) risk assessment in order to develop a three year risk-based internal IT audit plan. The IT audit plan aligned with the internal operational audit plan to assess GLBA and FFIEC control compliance. We consulted on expanding the scope and objectives of operational audits to provide greater coverage of application level IT controls. We executed the first year's audit plan and provided recommendations to improve controls.  Our services assist many institutions with a cost-effective, flexible controls analysis by providing deep technical expertise not readily available in many organizations.