Information Technology Audit : Case Studies
Case Study: Information Systems Audit Services
Situation: A major distribution company required internal IS
audit and management services to meet regulatory compliance, but
lacked internal resources and expertise.
Action: Moore Colson IT Audit developed IT governance
procedures and controls based on proven industry governance
methodologies, working closely with both internal and external
advisors to ensure controls employed satisfied Sarbanes-Oxley (SOX)
compliance requirements. During the assessment phase of SOX
compliance, Moore Colson identified that developers had
inappropriate access to production code and sensitive data of the
Company’s significant financial applications. The Moore Colson IT
Audit team provided solid, appropriate control recommendations for
proper implementation of control mechanisms. Moore Colson worked
directly with executive management to implement the controls
required to have proper IT governance by successfully testing all
areas related to SOX compliance and financial reporting controls.
Moore Colson IT Audit was also able to relieve the workload of both
internal and external auditors.
Result: The Company successfully completed all phases of SOX
compliance testing, mitigating any future risk of inappropriate
access. Moore Colson IT Audit provided executive management with a
critical evaluation of internal control of information systems and
an internal evaluations audit of information systems required for
future strategic planning.
Case Study: Data Privacy Information Security Review
Situation: A medium-sized healthcare organization required
assistance with the review and evaluation of sensitive information
systems data to ensure compliance with HIPAA regulations, and sought
recommendations to mitigate the potential for, and risk associated
with, unauthorized access to confidential data.
Action: Moore Colson IT Audit recommended and performed an
internal review of all policies, procedures, standards and
guidelines implemented for the protection of critical data,
including personal health information, and performed a data privacy
risk assessment and HIPAA information technology security rules and
compliance review. These reviews provided executive management with
an objective evaluation of the information security posture for all
critical data and identified control weaknesses where additional
work, controls, and security were required.
Result: The healthcare organization was able to implement
Moore Colson’s recommendations to further enhance its controls over
confidential data and mitigate its risk of critical information
compromises.