IT Assurance

Our Information Technology Assurance specialists have a detailed knowledge of business operations and the technologies used. At Wolf, our risk management professionals have experience in various operational roles across multiple industries and a wide array of software platforms and applications.

Wolf & Company's IT Assurance Group is pleased to provide the following Information Security services:

IT Risk Assessment

Review of current technology threats along with your vulnerabilities and controls to determine where the greatest risks are in your organization.

Information Privacy Review (Gramm-Leach-Bliley)

Review of your organization's Comprehensive Information Security Program to determine adherence with the federal privacy laws.

Application Security Review

Review of the application software configuration for issues such as valid user accounts, appropriate password restrictions and other user access privileges.

Internal Network Security Review

Comprehensive scan of network objects and permissions to detect inconsistencies which conflict with your organization's internal security model.

Internet Intrusion Review

Scan of a range of Internet Protocol (IP) Addresses for potentially thousands of known vulnerabilities and threats.

Wardialing

Detailed scan of your telecommunication infrastructure for unprotected modems that could be used to gain access to your organization's network.

Independent Network Perimeter Testing

Testing and evaluation of controls over perimeter devices such as firewalls and routers which separate an organizations' internal system from the outside world.

Social Engineering Assessment

Assessment of your organization's Information Security awareness and if necessary, the development of an awareness training program.

Business Continuity Planning (BCP)

Detailed review of your organization's BCP including disaster recovery and incident response procedures to determine if your organization is able to effectively respond to an emergency situation.

Policy and Procedure Development

The development and implementation of comprehensive Information Security policies and procedures designed to protect against identified risks.

Internal Audit IT Support

Assistance to your Internal Audit Department in assessing technology related risks and providing Internal Auditor Training.

SAS 70 Assurance (Third Party Review)

Independent review of a service organization's control design and testing of effectiveness of a service organization's processing controls.

HIPAA Security Rule Compliance Review

Independent review and comprehensive analysis of administrative, technical and physical security procedures for use in assuring the confidentiality of electronic protected health information (PHI).

Let our IT professionals work with you to develop practical solutions to your information security needs. Please contact Gerald Gagne at (617) 428-5455 to obtain more detailed information on these services.

Wolf and Company, P.C. is one of the only firms in New England that provides comprehensive risk management solutions including, information technology assurance, internal audit and regulatory compliance services. We also offer WolfPAC^SM, a secure, on-line suite of control assessment services providing on-going self-evaluation and professional analysis of a control environment.