Information Technology Risk Management

Information technology is an integral part of every organization and creates true business value.  At Williams Adley, our ITRM professionals work with our clients to minimize enterprise risk by ensuring proper security and enhancement of their valuable systems. 


IT Assurance

FISCAM Audits - Evaluation of agency entity-wide controls, general and application controls, and security management in accordance with GAO’s guidance. For civilian and defense agencies, our IT teams coordinate FISCAM testing during financial statement audits where information systems are significant to the audit objectives.

IT Internal Audit - Independent assessment of existing and needed controls to help executive leadership and oversight bodies understand and address the varied risks of their IT environment.

SSAE 18 Examinations - Examination of controls at organizations that provide services to user entities when those controls are likely to be relevant to user entities’ internal control over financial reporting.

pexels-photo-information technology.jpg

Information Security

FISMA Audits - Audit to determine compliance with established information security guidelines that federal agencies, or those entities that have outsourced agency business, must adhere to. We perform testing to determine if the agency has required documentation, policies and procedures, and defined processes in place to meet NIST requirements.

Information Security Assessments - A risk-based assessment of the way information security is implemented in a system or organization. Our IT team assesses the technology, people, and process elements of security to determine risk to the organization.

Cybersecurity Framework Advisory - Evaluation of an agency’s cybersecurity program to understand the current state against framework characteristics and issuance of recommendations for improvement based on best practice cybersecurity practices across the industry.