Gain Reliability

IT Assurance

Reach for peak strategic, operational and financial performance with resourceful management and IT consultants who know how to help you find a direct route from idea to implementation.

Mark Caiazzo, CPA
AICPA Service Organization Control Reporting

If you want to know that your information systems are effectively managed, efficiently operated, and secure, look to BerryDunn.


BerryDunn’s Information Technology (IT) assurance service experts combine with the strength of one of New England’s leading CPA firms to bring you assurance services you can count on. Gain confidence with our assessments and examinations—from SOX 404 testing to security advisory services, we use a structured methodology to make sure your organization meets the standards. We bring you the expertise garnered from working with clients nationwide on assurance and consulting engagements.

Our experienced professionals help you: 

  • Confirm or assess your capabilities
  • Stand up to scrutiny
  • Identify your options
  • Arm yourself with insights
  • Gain control of the opportunities that drive value

Our experts can help you with a variety of services, including: 

Risk Assessments

The success of internal controls relies on the risk assessment your organization conducts. Our professionals can conduct full enterprise risk assessments or more specific assessments of risk as they relate to specific business segments or projects. We work collaboratively with your organization to guide and assist in the process.

SOX 404 Attestations

In addition to traditional audit and review services, BerryDunn provides a wide range of other forms of information assurance, including Sarbanes-Oxley (SOX) 404 attestation services. Organizations of all sizes face similar challenges to assure the public that they are preparing financial statements and recording transactions in an accurate, fair, and ethical manner, using established control procedures that include controls associated with information technology. BerryDunn conducts SOX 404 audits to review our clients’ financial reporting and control practices and provide assurance that these organizations comply with the Sarbanes-Oxley Act of 2002. 

IT Security Assessments

Technology must be designed and managed with the security of operations and privacy of data in mind. Many weaknesses exist in the area of IT security today, and significant gaps must be addressed in the future. BerryDunn regularly performs security point-in-time reviews, examines and tests application-specific and general controls, and helps plan for appropriate structure and management of the security function. We regularly work with client organizations that demand high levels of availability, performance, and security from their systems, including government agencies, colleges and universities, state lotteries, hospitals, and banks.

Information System Control Reviews

We can conduct an independent assessment of IT controls, policies, and procedures to identify opportunities to improve existing practices. Our recommendations are tailored to your needs, technology environment, and industry to ensure recommendations are cost-effective and achievable.

Internal/External Vulnerability Assessments

BerryDunn works with clients to conduct vulnerability assessments of the security structure of network devices (including routers, firewalls, and intrusion detection systems), servers, databases, and workstations to identify security risks. We remain current on known network vulnerabilities through extensive training, association affiliations, and Internet resources, and employ a structured methodology based on established standards including (but not limited to) COBIT, COSO, NIST, ISO17799, and ISACA. Our professionals have the certifications your organization can rely on, including Certified Information Systems Auditors (CISA), Certified Information Security Managers (CISM), Certified Information System Security Professionals (CISSP), Certified Ethical Hackers (CEH), and GIAC Certified Forensics Analyst (GCFA).

Compliance Reviews

We assist clients with a variety of compliance reviews, including the Gramm-Leach-Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA) security and privacy reviews, VISA Payment Card Industry (PCI) standards, and others.

Looking for more information about how we can help? Contact our IT assurance practice leader, Mark A. Caiazzo.

Roll with confidence when you work with BerryDunn's credentialed experts in IT Assurance.