Home > Services > Business Consulting > Technology Services > IT Security and Controls

Services

Back to Services

Business Consulting

Financial Management Services

Human Resource Services

Operations Consulting

Risk Management Services

Strategy Consulting Services

Technology Services

-	Business Continuity

-	IT Security and Controls

-	Network Design & Implementation

-	Technology Business Solutions

IT Security and Controls

Are you confident your information technology (IT) controls are aligned to protect your business from security threats as well as help you comply with increased internal and external demands, and regulatory requirements?

Protecting your company against business risks is more than compliance — it’s a strategic opportunity. Virus attacks and information security are major and costly concerns in today’s business environment. Computer systems must be protected on two fronts — from the inside and from the outside. Just a few years ago, computer crime experts estimated that more than two-thirds of all computer attacks and unauthorized access were committed by internal personnel. While internal attacks remain a serious issue, the level and sophistication of outside computer threats has greatly increased.

And at a time when business frauds have spurred increased regulations, designing and monitoring effective IT controls are vital to your company’s success. Compliance with legislation such as Sarbanes-Oxley (SOX) has increased the overall scrutiny and disclosure of financial reporting, causing companies to reassess their IT systems.

How we can help
We help many companies strengthen their security measures by uncovering hidden vulnerabilities. Disruptions to your information technology can cause severe financial losses and even threaten the survival of your organization. Yet technology-related risks are rarely isolated to one area.

That’s why we take an integrated approach to assessing the true risk posture of your organization. Our information security advisors help you protect your critical operations, allowing you to focus on managing your business — not your technology. Our services include:

IT risk assessment
Information systems controls review
Network and application security review
Internal and external network security, penetration and application security testing
SOX IT consulting
SAS 70 Readiness Review
SAS 70 Audit
PCI data security review

We offer internal and external vulnerability testing, penetration testing and on-site security reviews. Depending on your financial and risk requirements, we offer these security measures as a package or individually.

During our overall network security assessment, we often conduct internal and external vulnerability testing and penetration testing, as well as:

Assess current IS control policies and procedures
Conduct in-depth evaluation of manual and automated IT controls compared against industry best practices
Assess vulnerabilities or exposures to your e-commerce or Internet-based initiatives
Review your facility, including physical security and environmental controls
Interview IS management and departmental end users
Review your business continuity plans used in the event of unexpected system failures

Why RSM McGladrey
Unlike many network security testers, we don’t just test for intrusions — we also provide you with detailed findings and recommendations to mitigate areas of vulnerability.

This means we not only help you identify the problem, but we provide suggestions on how to fix it. And we remain unobtrusive throughout the process so employees usually don’t know that a system wide test is taking place.

Related Resources

Articles
Is your e-commerce operation customer ready?
Read More

Holding the beasts at bay — six tips to keep your midsized company safe from IT security threats
Read More

Beware these phish tales: Protect against Internet fraud
Read More

Identity theft and the business owner: Should you buy protection?
Read More

Do you have a receipt for that software?
Read More

Use desktop search tools to find information quickly, efficiently
Read More

Communication and technology are keys to building trust in online business transactions
Read More

How to protect your midsized company in a wireless world
Read More

Highlights
PCI Data Security Standard compliance
Named by the PCI SSC as a Qualified Security Assessor, RSM McGladrey has an experienced team of information security consultants who help your organization develop and maintain a complete security program. Our approach to PCI Data Security Standard compliance includes three types of services applicable to all service provider, managed hosting service provider and merchant levels.
Read More

Others
The Ultra-Secure Network Architecture
Read More

HIPAA Security Consulting
Read More

SAS-70 Third Party Reviews
This service is provided through our alternative practice structure with McGladrey & Pullen, LLP.
Read More

RSM McGladrey named to Elite Microsoft Business Solutions Inner Circle
Read More

Related Links
Web Seminar: Your Quality Assurance Review: How to Prepare for a Smooth Process and Valuable Experience
Read More

Web Seminar: Why midsized companies need to think big with a comprehensive risk management approach
Read More

Web Seminar: Enterprise risk management for regulated environments: What’s missing in your internal audit
Read More

Privacy Policy |
Site Map

RSM McGladrey Inc. and McGladrey & Pullen LLP have an alternative practice structure. Though separate and independent legal entities, the two firms work together to serve clients’ business needs. RSM McGladrey is not a licensed CPA firm.

RSM McGladrey Inc. is a member of RSM International - an affiliation of separate and independent legal entities.

2007 RSM McGladrey Inc. All Rights Reserved. Contact us toll-free at 800.274.3978