Compliance Assessments & Audits
IT Compliance
Packer Thomas' assessments and audits help organizations enhance data security and privacy, safeguard information, comply with regulatory concerns, and reduce legal liability related to:
- Sarbanes-Oxley - new and enhanced standards for public company boards and management
- Gramm-Leach-Bliley Act - protect personal financial information held by financial institutions
- HIPAA - standards for health care transactions, security, and privacy of health data
- PCI - Payment Card Industry requirements include quarterly network security scans
Who Needs Assessments?
Packer Thomas' compliance audits and assessments are ideal for ensuring compliance mandated by:
- Industry regulations and requirements
- Clients and customers in regulated industries
- Management responding to requests from customers
- IPO-ready organizations
- Organizations concerned about security
- Organizations in regulated industries such as financial services and health care
- Firms working with the government or large institutions
- Organizations that share and collect personal and/or proprietary data
Audit and Assessment 50 Point Work Plan
Packer Thomas' audits and assessments are customized to meet compliance requirements. Our services review and analyze 50+ different subject areas including:
- Security Policies - ensure security policy provides direction in accordance with business requirements and relevant laws, regulations, and standards.
- Organization structure - review direction, commitment, and assignment of responsibilities; review external party access and access controls.
- Asset management - ensure the organization's assets are appropriately protected and information receives an appropriate level of protection.
- Human resources security - review HR-related policies and procedures prior to employment, during employment, and at termination or employment change.
- Physical and environmental security - review secure areas, access, and equipment related security controls.
- Operations management - review backups, anti-virus, email, licensing, software patching, laptops, PDAs, third party services, media handling, etc.
- Access control - review and identify access to information, user responsibilities, network access controls, operating system controls, and application controls.
- Acquisition and development - review and identify controls that prevent errors, loss, unauthorized modification, or misuse of information in applications.
- Incident management - review and identify reporting of information security events and weaknesses, review management of information security incidents and improvements.
- Business continuity - review and identify controls to protect against interruptions to business activities and protect critical business processes from effects of major failures.
- Compliance - compliance with legal requirements, security policies and procedures, and technical compliance.

Please contact Jeff Sheets for more information: jsheets@packerthomas.com