themed image

IT Audit and Assessment Serivces

IT Audit and Certifications



Approved TG3 Auditors




An IT framework is key to a successful audit

Successful organizations understand the benefits of information technology (IT) and use this knowledge to drive their shareholders’ value. They recognize IT as a major enabler of the business, the need to comply with increasing regulatory compliance demands and the benefits of managing risk effectively. To aid organizations in successfully meeting today’s business challenges, the IT Governance Institute® (ITGI) has published version 4.1 of Control Objectives for Information and related Technology (COBIT®). Entercomp can provide guidance in tailoring COBIT® to meet you business needs. COBIT® enables clear policy development and good practice for IT control throughout organizations. COBIT® 4.1—emphasizes regulatory compliance, and helps organizations increase the value attained from IT.


SAS 70 SSAE 16

Why You Need a SAS 70 or SSAE 16
Entities and corporations must perform due diligence and ongoing monitoring of the confidentiality, integrity and safety of their data when it is being handled by a third party.  SAS 70 and SSAE 16 audits provide assurance by properly documenting and testing the internal controls of the service organizations.

If you are an organization providing outsourced services or a qualified custodian under the investment act of 1940 you may be required to obtaine a SAS 70  or SSAE 16 audit report.

Working with our partners at Carr, Riggs, and Ingram LLC we can deliver SAS 70 Types I & II and SSAE 16 reviews in accordance with standards established by the American Institute of Certified Public Accountants often at prices below industry rates.

Service after the project 
Our firm prides itself in outstanding client service. We will continue to provide ongoing support services to our clients even after the project is over.  We understand that questions may arise between audit projects.  Your audit team will be easily accessible and quick to respond to inquiries.  Our extensive knowledge of controls allows us to be a valuable resource for your entity.

We can provide consultation regarding the impact of planned operational and system changes on future SAS 70 or SSAE 16 projects and review of planned or actual changes to controls relevant to the SAS 70 or SSAE 16 audit.


Sarbanes Oxley

Section 404 of the Sarbanes-Oxley Act is relevant to information technology. It requires management to demonstrate that they have established appropriate "internal controls" to safeguard an organization's financial processes. The regulation's internal controls requirement specify that organizations safeguard financial data that may have a material effect on financial statements. Entercomp can provide control definition, testing, and evaluation to meet your SOX requirements.


Financial Institutions

Regulatory Compliance. Entercomp performs Federal Financial Institutions Examination Council (FFIEC), TG3 STAR now TR39 and Pulse, Sarbanes—Oxley Act (SOX), and Gramm-Leach-Bliley Act (GLB) IT reviews/ analysis. We test existing controls to assess performance or work with your organization to implement new policies.

IT Risk Assessment. Comprehensive planning process that includes an evaluation of the existing IT infrastructure; alignment of IT systems with core business objectives (including gap analysis); and development and documentation of new or revised policies and procedures to address critical issues.  

IT Penetration and Vulnerability Testing.  Assistance in or outsourcing of testing and analyzing system vulnerabilities. We attempt to exploit weaknesses to determine the potential impact of each issue identified, including recommendations highlighting remedies to correct the issue(s).



Entercomp Consulting provides complete information systems  review for the HIPPA Security Rule.

The review consists of:

  • Risk analysis
  • Security assessment for
    • Administrative safeguards
    • Physical safeguards
    • Technical safeguards
    • Organizational requirements
    • Policies, procedures, documentations

Gramm, Leach, Bliley

The Financial Modernization Act of 1999, also known as the “Gramm-Leach-Bliley Act” or GLB Act, includes provisions to protect consumers’ personal financial information held by financial institutions. There are three principal parts to the privacy requirements: the Financial Privacy Rule, Safeguards Rule and pretexting provisions.

EnterComp can assist you and provide a proposal of services with respect to Gramm, Leach, Bliley compliance.

Certified Information Systems Auditor

CISA ISACA IT Auditor Since 1978, the Certified Information Systems Auditor (CISA) program, sponsored by ISACA®, has been the globally accepted standard of achievement among information systems (IS) audit, control and security professionals.

CRI Strategic Partner

Carr Riggs Ingram Accounting Our strategic partner Carr, Riggs & Ingram, LLC is a regional certified public accounting firm with office locations in Alabama, Georgia, Florida, Tennessee and Mississippi. Through this alliance, Entercomp and CRI can provide unmatched IT audit, business solutions and consulting service.



Copyright © 2006 Entercomp Consulting Group LLP. All Rights Reserved.