Today, organizations face many challenges in safeguarding their private information, given the ever-increasing dependency on network and information systems. These systems are increasingly vulnerable to a variety of attacks that take place frequently on corporate networks. RFC provides IT Controls Audit & IT Review services to our clients in conjunction with the Financial Audits we perform. These IT Audits play a key role in ensuring compliance with today’s security standards and ensure that IT related controls and safeguards have been properly and effectively implemented.
Maybe surprisingly, the biggest vulnerability to your company and your systems are your own employees. Applications can be patched, systems can be hardened, and physical locations can be locked down; however, your systems are only as strong as the people who access them every day. These end users, usually accidentally, can expose your organization to serious and costly breaches, infections, and data loss. And, as enterprise data becomes more mobile, it also becomes more vulnerable – it’s carried on mobile phones, on laptops, and on the networks your employees connect to when they’re working remotely. The best way to protect against these threats is to educate and train employees on a regular basis. RFC can help you and your employees do this effectively through our comprehensive End User Security Awareness Training.
Our IT professionals have many years of IT control and audit experience which is complemented by professional accreditations, like Certified Information Systems Auditor (CISA) and Certified Ethical Hacker (CEH). RFC offers its clients comprehensive technology consulting services that range from support to a detailed audit of your environment.
Areas of review include:
Information Technology Audit Services
Information systems security assessment
IT requirements, including hardware, software and network evaluation
Disaster recovery and business continuity planning
IT policies and procedures
Information system design and risk assessment
Network security assessment
Internet and firewall audits
Information Technology Support Services
Security Awareness Training
Server management and support
Network management, including firewalls
Backup and recovery design and support