IT General Controls Review/IT Audits
Gain Insight and Improve Your Controls with an IT Audit
An Information Technology General Controls Review (also referred to as an IT audit), is an annual review that encompasses core security principles as noted by the Federal Financial Institution Examination Council’s (FFIEC) IT handbooks, including the latest guidance such as the Information Technology Risk Examination (InTREx). At PKM, however, we believe an IT audit should not only fulfill your regulatory requirements, but also provide you with the insight to improve your control environment and make better decisions relating to your IT business strategy.
As part of our IT General Controls Review engagements, we provide a report that includes a list of actionable recommendations in order to easily communicate to the Board and examiners where you stand. We strive to provide our clients with reasonable, controls-based recommendations, based on industry best practices as well as FFIEC guidance. Often times, we also present these IT audit reports to the Board or Audit Committee on behalf of our clients.
Bringing Over Two Decades of Experience in IT General Controls Reviews
PKM has over 20 years of experience performing IT audits for our financial institution clients – carrying out nearly 40 separate engagements every year. That said, we bring a deep understanding of the industry and how it has evolved over the years, especially as it relates to systems and IT general controls reviews.
We stay current on industry trends and emerging regulations so that our team has a solid understanding of the IT audit landscape and the challenges our clients are facing every day. We work together with our clients to find the right approach to their IT business strategy when preparing the scope of our IT audits and focus on risk-based recommendations that take into account the unique size and complexity of their organizations.