Information Systems Auditing

Technology has revolutionized the financial services industry. Dramatic volume growth has increased demand for technology systems and support. Technology regulations have become increasingly complex and regulatory expectations have ratcheted up. Cybersecurity threats are of particular concern in today’s business environment. The scope of the IT/Audit performed by FORVIS is based upon Control Objectives for Information and Related Technology (COBIT® 5); Federal Financial Institutions Examination Council’s Cybersecurity Tools; and the National Institute of Standards and Technology (NIST) “Framework for Improving Critical Infrastructure Cybersecurity.”

We conduct approximately 20 Information Systems / Cybersecurity Audits per year for clients across the country. These audits which include, as optional services, network vulnerability/penetration testing and social engineering testing, should be conducted on an annual basis to aid adherence to industry standards and regulatory guidelines, and to help identify operating efficiencies. Findings from these audits can assist clients in problem solving and making system-wide technology improvements.

Credentials and experience are good indicators when in securing technology auditing. Our Information Systems Auditing relies on the leadership of a senior consultant, accredited as a Certified Information Systems Auditor (CISA) and certified in Risk and Information Systems Control (CRISC), with 30 years of financial operations and technology experience.