| Governance | Risk |
Compliance |
| Governance, Risk, and Compliance is
being uniquely defined by every organization. At Securance we
assist organization in implementing a framework that will provide a
Governance, manage
Risk, and ensure
Compliance.
Learn
more |
|
| IT Audit Services |
Expectations for the IT internal
audit function are higher than ever. Management expects more
advisory pro-active recommendations while expanding coverage
through acquisition and growth. Meeting these expectations requires
significant investments in people, methodologies, knowledge and
technology. These investments must not only provide coverage for
today's IT risks - but anticipate tomorrow's as well. Many IT
internal audit departments find it difficult to meet these
challenges and often partner with specialty firms to expand their
capabilities in efforts exceed management's expectations.
We are ready to team with you to develop a solution that's right
for your organization. Our customized solutions include assessing
your current IT audit function, supplementing your existing staff
in various areas, to providing the full IT audit function - what we
refer to as IT Risk Management. We have expertise and experience in
providing the following solutions:
- IT Policies & Procedures
- General Control Reviews
- Application Control Reviews
- Software Compliance
- Data Center Operations
- Network Security (Firewall, VPN, Switches/Router, IDS)
- Wireless Technologies
- Business Continuity | Disaster
Recovery Services
If you would like to obtain more information regarding our IT Audit
services please contact us.
Learn
more |
|
| Compliance Readiness and
Testing |
Securance provides full audit and
consultative services for regulatory compliance. Our expertise
includes, but is not limited to, the following major regulatory
reviews:
- Sarbanes Oxley (SOX)
- Gramm-Leach-Bliley Act (GLBA)
- National Association of Insurance Commissions (NAIC) Model
Audit Rule
- Payment Card Industry (PCI) Security Standards
- Health Insurance Portability and Accountability Act
(HIPAA)
- Learn more
|
|
| Enterprise Risk
Assessment |
Risk assessment is the first process
in most enterprise risk management methodologies. Organizations use
risk assessments to determine the extent of the potential threats
and the risk associated with them to their financial processes, IT
systems and operations.
The primary objectives of our risk assessment methodology are to
enable organizations to:
- Enable management to make well-informed risk management
decisions;
- Assist management with various regulatory compliance
initiatives;
- Better secure the IT systems that store, process, or transmit
organizational information; and
- Assist management in authorizing the
IT systems based on adequate approval.
Our Enterprise Risk Assessment can be aligned with COSO, CoBIT,
ITIL, or other leading practice control frameworks.
Learn
more |
|
| IT Risk Matrix |
The Securance Risk Matrix is a
process of estimating a risk score for each auditable technology.
Assessing risk is typically undertaken to focus attention on
significant audit areas, to allocate scarce audit resources to the
most important audit areas, and to help with key audit prioritizing
decisions such as frequency, intensity and timing.
Our methodology offers several critical categories an
Organization may want to uses when assigning risk scores to a
particular auditable technology; including:
- Corporate reliance on technology
- Any recent major changes to the system
- Prior audits of a technology
- Number of system users
- Internal customer impact if unavailable
- Technology complexity
- External customer impact if unavailable
- Future life of technology
- Financial exposure related to loss of data
- Frequency of user turnover
- Potential security threats
- Compliance requirement
- Commercial system vs. internally developed
- Adequacy of IT staff managing the technology
- Vanilla install or heavily customized
- Level of administrative tasks required to maintain the
system
- Learn more
|
|
| VA | Penetration
Testing |
Vulnerability assessment and
penetration testing is a part of computer system security testing
in which the tester collects information on the security features
inherent in a target system and then attempts to circumvent the
security features in order to gain access to the system. Except by
agreement with the target system management, penetration testing is
essentially unconstrained and may make use of tools, live hack
attempts, and any other combination of conventional or
unconventional access methods. A penetration tester may be expected
to use any information gathered in order to gain access to the
system. Our penetration test will provide an assessment of the
vulnerabilities your company's security architecture. We will help
you determine whether your operational practices, hardware and
firmware, and policies are up to the task of protecting your
information assets.
Learn
more |
|
| Staff Augmentation |
Securance Consulting not only
delivers full scope financial and technology risk management
services, but also provides Senior Financial and IT Consultants to
supplement your Internal Audit, IT & Financial Operations, or
Compliance Departments…just when you need staff the most.
As a firm of Senior Information Technology and Financial services
consultants, our staffs are all Senior Consultants; we are all
field-level consultants capable of managing a project team, or
executing an engagement or assigned tasks individually. Our goal is
provide the level of service you require to meet your goals. Our
team of Senior Consultants average 15.5 years experience in
IT/Financial Management, and every team member has more than 10
years of experience and the range tops at 30 years
Learn
more |
|
| Process Design |
Automation |
Your business depends on people,
technology and processes. You've hired the right people and
purchased the right technology...to take your business to the next
level...it's time to re-design your processes.
Our team of Senior Consultants average 15.5 years experience in
Financial, IT and Operational Management. Our team specializes in
designing processes from initiation, or re-designing current
processes to increase efficiency and effectiveness, and decrease
process related costs. Our Consultants work with your department
managers to understand and re-design your processes to ensure that
your processes are not only significantly improved, but also meet
your organizational goals and strategic direction. Our goal is to
provide the level of service you require to meet your goals..
Engaging Securance will ensure your re-designed processes are more:
efficient, effective, adequately controlled, secure, and most
importantly sustainable.
Learn
more |
|
| Compliance Software |
Securance Consulting now offers
Complyant, a browser-based auditing tool designed to increase the
efficiency and effectiveness of an organization's compliance
efforts, particularly Sarbanes-Oxley and HIPAA compliance.
Complyant is more than just a document management tool or generic
database that was repurposed to capitalize on compliance
regulations; it was built specifically for controls auditing and it
brings full version control and structure to the audit
process.
With Complyant, you don't have to modify your audit
methodology to fit the tool - you can configure the tool to fit
your audit methodology.
Learn
more |
|