Information Systems Auditing is first and foremost a series of auditing procedures that must be done to ensure compliance with industry and regulatory standards. There are both general regulatory compliance requirements such as Sarbanes-Oxley (SOX) as well as industry-specific requirements such as Health Insurance Portability and Accountability Act (HIPAA).
Since almost all operational systems are computer-based the ability to audit those information systems quickly and effectively has become a specialized field.
SDC has the skills and experience to audit information systems at both the physical and logical levels to support an overall auditing effort whether it is an external audit or internal audit.
Our specialty is supporting the small-to-medium sized CPA firm in rounding out their auditing team on a per-engagement basis so that they can deliver a thorough information systems audit cost-effectively and in a timely manner. We employ a rigorous process that extends from pre-audit to interviews and examinations through audit reporting and the preparation of management letter action points.