Information Systems Controls Review

The IT Controls Checkup

Information systems are steadily gaining in importance. Because of constant changes in technology, it is not always easy to be sure those systems controls are working. And because of their importance, missing controls can be more costly than ever. 

Because many organizations want a third-party review of controls, Barnes Dennig offers the Information Systems Controls Checkup. This service includes interviews with top management, review and documentation of the control environment and testing of key controls. Each check-up is custom designed based on the needs of the organization, but is based upon the universally accepted COBIT (Control Objectives for Information and Related Technology).

Among the services we most commonly perform are:

  • Access security of General Ledger, Payroll, Vendor Management and Wire Transfer applications
  • Analysis of disaster recovery and business continuity plans for best practices
  • Change controls – ensuring that only properly approved, documented and tested system changes are allowed
  • Analyze common weaknesses – ensuring that simple passwords are prohibited, that access is removed for terminated employees and that common generic IDs are turned off after software installation
  • Evaluation of how well information systems are aligned with strategic objectives of the organization
  • Analysis of segregation of duties and threats to intended controls
  • Documentation and review of key controls over a process (such as billing and revenue recognition) to ensure management objectives are being met

Robert Ramsay leads our Information Systems Risk Management Department.  He has extensive experience managing IT audits at Barnes Dennig and an international professional services firm, covering most significant ERP systems. Robert has earned the designations of Certified Information Systems Auditor (CISA) and Certified Information Technology Professional (CITP).

To learn more about Information Systems controls checkups, contact Robert Ramsay, CPA, CISA, CITP at (513) 241-8313.



Robert Ramsay, CPA, CISA, CITP
Audit Manager
Email
513.241.8313