Marcum LLP's highly certified, trained technology auditors and consultants, who hold CPA, CISA, CISSP, CISM, CRISC, CITP or SAP certifications, understand the financial reporting requirements of businesses.
We are objective and independent – our only mission is to recommend the best solution for the client situation to ensure financial information is accurately reported and properly protected.
Our partners and professionals believe in offering the highest quality of personal service along with the delivery of an exceptional product on every engagement.
Our IT Risk and Assurance team understands your technology risk issues. We are able to tailor IT solutions to match your business needs while maintaining strong internal controls and advancing smart business practices. The Marcum IT Risk and Assurance Services Group helps clients achieve quantum leaps in their ability to manage operations and improve performance with cost-effective solutions. We assess how technology drives a client's business and create a plan to enable business strategies. The result: technology solutions that drive your bottom line.
With the use of technology, some degree of risk -- often significant -- is unavoidable.
The possibility exists that unauthorized users could access sensitive information through public access points and utilize that information in an inappropriate manner. This activity could result in additional risk to organizations, including state and federal violations and a damaged reputation.
Information Risk Management
- SOC 1 (SSAE 16).
- SOC 2.
- SOC 3.
- Encryption advisory.
- Agreed upon procedures.
- Readiness assessment.
- Enterprise-wide risk assessment.
- Operational audits.
- Technology audits.
- IT governance.
- Process improvement.
- Business process reviews.
- Policies, procedures & documentation.
- Application controls reviews.
- Project support office.
- System & process implementation.
- Performance monitoring.
- Metrics – IT & operational.
- Service level agreements.
- Infrastructure monitoring & analysis.
Privacy & Compliance
- Compliance function assessments.
- Privacy & regulatory compliance.
- Sarbanes-Oxley Act (internal or external).
- General IT controls.
- Application specific IT controls.
- Gramm-Leach-Bliley Act (Privacy).
- ISO assistance.
- HIPAA security & privacy compliance.
- PCI DSS Compliance Services
- Readiness review/gap analysis.
- Self-assessment questionnaire (SAQ).
- Report on compliance (ROC).
- Policies & Procedures
- Attack & penetration testing.
- Security strategy & IT strategy.
- MA 201 CMR 17.00.
- Enterprise security architecture design & implementation.
- Network design, implementation & maintenance.
- Vulnerability assessments.
- Business continuity & disaster recovery planning.