Audits & Attestations
Third party audits and attestation services are often required by regulatory agencies, customers, vendors, and are interpreted as no-return, mandated cost of doing business. However, the audit process is not just about what you have to do, it’s about enforcing common sense practices, improving business operations, lowering business risk and gaining the confidence of your current and future customers.
We have experienced technology / assurance professionals who are “hands-on” at all levels. EKP provides high quality audit services at a competitive price. We provide creative thought about the nature/extent/timing of tests and process evaluations so that our clients benefit from the increased knowledge and assurance. In the absence of significant hands-on involvement from the type of highly seasoned leaders at EKP, strategic risks will be missed, extensive effort will be spent on low-return activities, and major last-minute course corrections are inevitable. We help you identify, prioritize, and mitigate your risks
EKP has expertise in most security and privacy standards that are both industry agnostic or specific. We apply OWASP, CSA, STIG best practices and other frameworks and standards. Some of the areas were provide audit attestations include, but not limited to:
- SSAE 16 SOC2 and SOC3
- ISO 27001:2013
- PCI DSS ROC
- NIST 800 series
- FERC CIPv5
- CMS Data Validations
Our practitioners hold professional designations such as certified public accountant (CPA), certified information systems auditors (CISA), certified information system professional (CISSP), certified information security manager (CISM), certified internal auditor (CIA), certified ethical hacker (CEH), certified penetration tester (CPT), Certified Public Accountants (CPA) and certified in government of enterprise IT (CGEIT).