Information Technology Assurance Services

What is IT Assurance?

Assurance ‎(plural Assurances)

  • The act of assuring; a declaration tending to inspire full confidence; that which is designed to give confidence
  • The state of being assured; firm persuasion; full confidence or trust; freedom from doubt; certainty

IT Assurance is a process whereby business needs and risks are identified (with special attention to how those needs and risks affect IT operations), and how they are affected by IT.

For a copy of our Information Technology Assurance Services brochure, please click here.

How does the Process begin?

IT Assurance begins with a robust IT risk assessment followed by a development of an IT audit plan to identify key controls. Varying levels of reviews include:

  • IT general controls reviews
  • IT business processes and application controls reviews
  • IT governance assessments
  • IT project assurance reviews
  • Development of IT policies, procedures and standards

Who Needs this Service?

Most businesses today have two things in common, when it comes to their Information Technology systems (IT):

  • They would find it difficult or impossible to operate effectively without IT.
  • IT is typically a complete mystery to corporate, business and department leaders.

Once the organization has established IT controls to mitigate key risks, our IT Assurance Services independently gathers evidence to determine whether those controls are operating as designed and are effective in order to answer the key question: Are they working?

What is the Deliverable?

An assurance report that outlines the results of our testing to include key findings and value-added recommendations to improve operational effectiveness and efficiency of IT internal controls.

Questions to Ask Yourself

  1. Has your company performed an IT risk assessment?
  2. Does your company have defined, documented IT policies and procedures?
  3. Does your IT system inspire “full confidence and trust?”
  4. Do you have doubts about the effectiveness of your company’s IT operations?
  5. Do you have the right people/technologies to accomplish your key business goals?
  6. Are you subject to HIPAA (protected health information)?
  7. Are you subject to PCI-DSS (credit cards processing)?

For more information, contact William M. Prohn CISSP, CISA, CGEIT, CRISC at wprohn@dopkins.com.