IT Assurance Expertise
Our IT assurance team is comprised of certified information systems auditors (CISA), experienced consultants, and subject matter experts in the field of cyber security. We provide evaluations of your organization’s IT processes and controls to ensure the integrity of your corporate assets and data, as well as the alignment of IT controls with your goals and objectives. Our team also provides assurance of compliance with IT-specific laws, policies, and standards.
We adhere to industry standards and frameworks, including COBIT for IT governance, ISO/IEC 27001 for information security, NIST/CSF, and CIS controls for cyber security. With our deep expertise and certifications, including CIA, CISM, and CGEIT, Transcendent Group is the right partner to support your IT assurance needs.
We evaluate and propose measures to improve the efficiency and effectiveness of risk management, governance, and controls within IT related areas such as:
In addition to performing IT audits, we also help our customers with training for Internal Auditors on IT assurance and IT risks and we also assist in the development of IT assurance plans.
Co-sourcing IT assurance expertise
The Swedish Transport Agency faced severe negative attention in the media some years ago related to lacking governance of information security within IT operations. During the last years Transcendent Group has supported the Internal Audit function in their evaluations within these areas. Transcendent Group has participated in the yearly risk assessment by Internal Audit and has performed audits within information security and data protection, several strategic projects, and supported with data analytics competence.
Third party assurance report (ISAE 3000, ISAE 3402 and SOC reports)
We have supported several service organizations in providing independent third-party assurance reports, often according to the ISAE-standard. We see an increased demand for service organizations to provide independent assurance reports to validate sufficient information security controls, including management of personal data. These are often recurring audits and we have been able to support clients during several years with experienced consultants, adding additional value.
International Standards on Assurance Engagements (ISAE)
Third part assurance reports using the International Standard on Assurance Engagements (ISAE). The ISAE3402 report focuses on controls related to the reliability of financial reporting whereas ISAE3000 report focuses on operational security and internal controls.
Third part assurance reports using the American standard for System and Organization Controls (SOC). The SOC 1 report focuses on controls related to the reliability of financial reporting whereas the SOC 2 report focuses on operational security and internal controls. SOC 2 reports must be based on Trust Services Criteria.
We want to know more about you and your organizations challenge! Get in contact with your local office to find out more about our culture and services.Contact us