Internal Controls

The service organization's description of controls should address five key components of internal control as defined in SAS No. 55, Consideration of Internal Control in a Financial Statement Audit:

  • Control Environment sets the tone of an organization, influencing the control consciousness of its people. The control environment is the foundation for all other components of internal control, providing discipline and structure.
  • Risk Assessment is the entity's identification and analysis of relevant risks to the achievement of its objectives, forming a basis for determining how the risks should be managed.
  • Control Activities are the policies and procedures that help ensure that management directives are carried out.
  • Information and Communication are the identification, capture, and exchange of information in a form and time frame that enable people to carry out their responsibilities.
  • Monitoring is the process that assesses the quality of internal control performance over time.

Consulting & Integration

Information Technology and Managed Information Systems are perhaps the most important part of an effective Network Management System. With IP-based (Internet Protocol) services, there is a critical need to know that Access, Authorization, Accounting and Audit information is authentic and credible.

If you are a person or corporation that owns, licenses, stores or maintains personal information, your organization must develop, implement, maintain and monitor a comprehensive, written information security program applicable to any records containing such personal information.

Analysis and Reporting Services

Legal & Compliance

We implement systems and processes in your Organization to comply with Mass. 201 CMR 17.00 and PCI specs.

Organization Checklist
  • File Integrity and Log Management
  • Firewall Services
  • Restricted Access to Sensitive Data
  • Anti-virus Protection
  • SSL Certificates
  • Intrusion Detection Tools
  • Secure user authentication protocols
  • Secure access control measures
  • Encryption of all transmitted records and files
  • Monitoring of systems for unauthorized use
  • Encryption of all personal information stored on laptops or other portable devices
  • Education and training of employees

Engagement Process

The client engagement begins with your contacting us Click to Contact via 888-775-4225 to discuss your requirements.