IT AuditIndependent and objective review of your IT infrastructure
Experts in IT audit
GraVoc’s IT audit services provide an independent and objective review of IT infrastructure, control configuration, and regulatory compliance through in-depth testing and expert analysis. Our IT Audit service area expands throughout Massachusetts and New England.
IT Audit Services Include…
Compliance Gap Analysis
The compliance review is an examination of existing controls, procedures, and policies against industry best practices and industry regulations surrounding cybersecurity and information security. GraVoc’s compliance review services help organizations determine their adherence to established state, federal, and industry guidelines. GraVoc also provides a report identifying gaps and prioritizing areas of improvements, and providing solutions on how to bring the organization into compliance.
IT General Controls Audit
This audit is an examination of the proactive/protective controls, the detective controls, and the reactive/corrective controls within an organization’s IT infrastructure. During the IT controls audit process, GraVoc representatives collect and evaluate evidence of the client’s information systems controls, policies and procedures, and other related documentation to ensure the availability, confidentiality, and integrity of mission-critical systems and data.
This audit is an examination of the controls within an organization’s IT infrastructure. During the IT audit process, GraVoc representatives evaluate the overall effectiveness of our client’s IT control environment to ensure these controls are properly configured to preserve the availability, confidentiality, and integrity of mission-critical systems and data. The audit scope depends primarily on the size and scope of the client’s operation and the specific needs of the client. The project manager and auditors work directly with the client to ensure cost-effective and timely delivery of our auditing services.
The FFIEC Issues a FAQ Guide on the Cybersecurity Assessment Toolread more
GraVoc is seeking a Senior Information Security Consultant for our growing Information Security practice. Please see qualifications.read more
On September 9, 2016, the Federal Financial Institutions Examination Council (FFIEC) released a revision of its IT Booklet on Information Security.read more
GraVoc is a technology-consulting firm located in Peabody, Massachusetts just north of Boston. GraVoc is committed to solving business problems for customers through the development, implementation, and support of technology-based solutions.
"One Company, Many Solutions"