Information Security Services - Audit and Other Assurance - Services

By: Clifton Co Ltd (the)  09-12-2011
Keywords: It Security

In the changing world of information risk management, protection of information assets can no longer be ignored. An increasing number of threats from internal and external sources, combined with the penalties that occur when data is compromised, create a risk environment that must be acknowledged, analyzed and managed.

In addition, government regulations now require some organizations to find another professional firm to provide services that were once performed by their current financial auditors. We assist organizations of all sizes, using the latest in assessment methodologies and technology-based tools, to efficiently identify and manage risk in your IT environment.

IT Security Services

Using the following services, we identify and assess real and/or potential security control risks and weaknesses facing your organization–

  • Security controls assessments for Enterprise Resource Planning applications.
  • Customized corporate security policies, standards and procedures.
  • Entity-wide security program development, design and implementation.
  • Threat-based assessments of Internet connectivity and vulnerability.
  • Wireless network integrity reviews.
  • Administrative reviews, including event configuration and IP filtering rules.
  • Incident response practices.
  • Security planning and design services focusing on the effectiveness of your security infrastructure and systems.
  • Guidance and direction for information security programs and processes.

SAS No. 70 Attestation Services

If other organizations use your company's services to accomplish tasks that affect their financial statements, the controls at your company may be considered part of the information systems of those organizations. In those circumstances, we can perform an independent study and evaluation of controls, in accordance with Statement on Auditing Standards No. 70, to provide a valuable benefit to your company, the third party organizations and their independent auditors.

Payment Card Industry (PCI) Compliance Services

We can perform assessments, perimeter scans and penetration testing to assure that cardholder data is safe and secure, and that you are in compliance with PCI Data Security Standards.

Business Continuity/Disaster Recovery Plans

We document procedures and evaluate the adequacy of tests, off-site storage of backup data, software frequency and storage locations.

Data Analysis and Forensic Services

Data that was once considered unrecoverable, or that exists in large volumes and different formats, can be recovered and managed using many specialized analysis tools and methodologies. We can perform customized data recovery and analysis in support of current investigations and pending litigation.

Incident Response and Investigations

At your direction, we can conduct investigations of incidents, anomalies and suspicious activities in your IT systems. Technical evaluations of specific information systems resources are used to locate and document evidence of a crime, or unauthorized or suspicious activity.

Keywords: It Security

Contact Clifton Co Ltd (the)


Print this page

Other products and services from Clifton Co Ltd (the)


Audit and Other Assurance - Services

From financial reports and audits of historical financial statements, to special attestation reports and IT security risk assessments, our advisors can provide the unbiased, objective, independent financial verification your stakeholders demand. With a partner-to-staff ratio among the lowest in the accounting profession, you can be assured our partners will be directly involved in the planning and execution of your engagement.


Internal Audit and SOX 404 Consulting - Audit and Other Assurance - Services

An internal audit function helps your governing board or audit committee fulfill its responsibility for establishing effective and efficient control systems, reporting policies and procedures, and for creating a system of corporate governance. Internal control reviews and assessments. Internal audit team training and reviews.


Review Services - Audit and Other Assurance - Services

A review consists of discussions with your management team and analytical procedures applied to your financials. If full auditing services are not required, we can provide review services on historical financial statements. The resulting report indicates limited assurance as to the appropriateness of the financial statements.


Audit Services - Audit and Other Assurance - Services

Clifton Gunderson is registered with the Public Company Auditor Oversight Board and is a member of the Audit Quality Center of the American Institute of Certified Public Accountants, as well as the Government Audit Quality Center and the Employee Benefit Plan Audit Quality Center.