Transforming organizations through skillful alignment of people, process and technology.
The Hilltop Companies

IT Risks & Controls Assessments

Information technology risks are essential to assess as to whether the people, processes and controls in place ensure that the technology will produce complete and accurate data, reports, and transaction processing.

Controls and controls assessment have been important to our industry for many years.  Sarbanes-Oxley and Dodd-Frank legislation increased the intensity of the spotlight on IT controls and their effectiveness.  The Hilltop Companies support clients’ needs for assessing and implementing appropriate IT controls.  We thoroughly assess clients’ IT controls environment, including IT management processes, technology general and specific controls, data and security.  Our assessments give clients critical information to understand the state of their IT controls, including:

  • If the appropriate controls exist in processes, technologies, data, security and change management?
  • If the controls are operating effectively and according to their stated purpose and recommendations to improve effectiveness
  • Whether gaps exist in controls and recommendations to close gaps
  • Whether there are redundant controls that increase cost and decrease efficiency and recommendations on streamlining controls
  • If management and reporting processes exist to provide stakeholders with transparency into controls effectiveness
  • Recommendations on improving the effectiveness and efficiency of the IT control environment

Clients benefit from our thorough, independent view of their IT controls and our recommendations.  We bring extensive experience as auditors, regulatory examiners, IT executives and risk management professionals to our assessments. We follow accepted industry frameworks, practices and standards, such as COBIT, in conducting assessments.  Our recommendations are practical, cost effective and achieve the IT control effectiveness demanded by management, regulators and auditors.

We also assist clients with implementing and testing new controls for their IT environments.  We approach implementation with a zeal to put in place controls that are effective in execution, efficient to operate and sustainable for the long term.  We support the transition to the new controls environment through training and communication with IT staff.  Our clients value our practical, long term approach to IT controls.