Today, organizations face many challenges in safeguarding their private information, given the ever-increasing dependency on network and information systems. These systems are increasingly vulnerable to a variety of attacks that take place frequently on corporate networks. RFC provides IT Controls Audit & IT Review services to our clients in conjunction with the Financial Audits we perform. These IT Audits play a key role in ensuring compliance with today’s security standards and ensure that IT related controls and safeguards have been properly and effectively implemented.

Maybe surprisingly, the biggest vulnerability to your company and your systems are your own employees.  Applications can be patched, systems can be hardened, and physical locations can be locked down; however, your systems are only as strong as the people who access them every day. These end users, usually accidentally, can expose your organization to serious and costly breaches, infections, and data loss.  And, as enterprise data becomes more mobile, it also becomes more vulnerable – it’s carried on mobile phones, on laptops, and on the networks your employees connect to when they’re working remotely.  The best way to protect against these threats is to educate and train employees on a regular basis. RFC can help you and your employees do this effectively through our comprehensive End User Security Awareness Training.

Our IT professionals have many years of IT control and audit experience which is complemented by professional accreditations, like Certified Information Systems Auditor (CISA) and Certified Ethical Hacker (CEH). RFC offers its clients comprehensive technology consulting services that range from support to a detailed audit of your environment.


Areas of review include:

Information Technology Audit Services

  • Information systems security assessment

  • IT requirements, including hardware, software and network evaluation

  • Disaster recovery and business continuity planning

  • IT policies and procedures

  • Information system design and risk assessment

  • Network security assessment

  • Internet and firewall audits

Information Technology Support Services

  • Security Awareness Training

  • Desktop/laptop support

  • Server management and support

  • Network management, including firewalls

  • Backup and recovery design and support

  • Application support