Cyber Defense Labs provides a wide range of audit and advisory capabilities which can assist an organization’s business and regulatory requirements as well as providing a starting point in building a successful compliance program. Enterprise risk assessments and focused IT risk assessments are fundamental in understanding the current risk and compliance posture of any organization and is typically done prior to any other assessments or audits. In addition, CDL can help an organization design or improve existing documented policies, procedures, and controls, review processes, and support an organization through regulatory compliance efforts.
CDL’s assessment methodology may follow standard frameworks including NIST, ISO, COBIT, ITIL, and COSO or be custom-tailored to meet the organization’s needs. CDL can provide expertise to cover a wide range audit, risk, and compliance objectives.
Below are the different types of audit and advisory engagements that CDL typically conducts:
- Risk Analysis & Assessment – Identifying risk, impact, gaps, and tolerance in the control environment in order to assess control maturity, compliance alignment and risk focused audit scoping, and opportunities for improvement.
- Fraud Auditing & Forensic Accounting – Deliver highly focused fraud services by combining our extensive experience with auditing, technology, data analysis and enterprise risk. From financial analysis to obtaining electronic audit evidence, we specialize in complex forensic accounting, auditing and technical issues.
- General Controls Review – Reviewing an organization’s documented controls, their effectiveness, and providing recommendations for improving control design
- Policy & Procedure Review – Reviewing an organization’s documented policies, standards, and procedures or assistance with developing them.
- Outsourcing & Co-Sourcing – As your co-sourced partner, we work alongside your audit team, while scaling up during peak seasons and reducing operational costs during the normal operations.
- Process Reviews – CDL can assist an organization in assessing their business process and IT procedures for efficiencies, compliance alignment, and / or design effectiveness.
- SCADA Assessments – Assess the current state of production SCADA or other critical infrastructure systems and provide recommendations.
- Compliance Assessments – Identify gaps and control weaknesses to meet a specific regulatory compliance objective including SOX 404, PCI, HIPAA, NERC CIP, FISMA, GLBA, FIPS, and several others.