Adding Value
Community banks are required to have an information systems (IS) audit that addresses the design and effectiveness of critical IS controls. While compliance with regulations is critical, our IS audit approach views regulatory compliance as one, but certainly not the only focus of the IS audit.
KraftCPAs provides IS audit services that are focused on identifying IS risks that challenge the bank’s ability to meet business objectives. Our IS audit programs view regulatory compliance as one area of risk to be assessed among many other bank IS risks. Community banks should assess IS risks and design control frameworks that will support the bank’s business objectives. Therefore the emphasis of our IS audit service is on adding value to the bank’s ability to succeed in business. Tests of these controls and processes are essential to ensure that their operating effectively and as intended. We believe our approach is much more valuable to the bank than an IS audit where compliance is the sole objective.
We consider client communication essential to our value proposition. An audit finding or management suggestion is only as effective as our ability to communicate it. Technical jargon adds little value to an audit committee meeting or to mangement’s understanding of the business-critical risks associated with information systems. We take the time to explain and discuss each issue in clearly articulated business terms.
