IT Compliance

Services > Consulting > Risk & IT Compliance > IT Compliance
CSA Star Certification ServicesHIPAA ComplianceHITRUST CSFPCI DSS

Move Forward with Peace of Mind

In an increasingly complex regulatory environment, compliance risk management is essential, whether to meet statutory requirements, adhere to best practices in corporate governance, or reduce reputational risk.

Our IT auditors can address any aspect of compliance, from financial audit and public company audit requirements to IT internal control validation and audits for businesses seeking to enhance their marketplace credibility.

Support Across Key Frameworks

Moss Adams ranks as one of the few CPA firms globally validated as assessors for key frameworks, including Systems and Organization Controls (SOC) examinations—SOC 1®, SOC 2®, and SOC 3®, PCI DSSHITRUST CSF®, HIPAANIST, and CSA STAR services.

Our services leverage the overlap in compliance frameworks to help drive efficiency and reduce burdens on internal teams that can accompany contracting with multiple firms for various frameworks.

Services provide support for overlap of multiple compliance frameworks.

Expansive IT Compliance Experience

Our IT auditors specialize in a variety of industries and hold credentials in a number of IT compliance disciplines.

For example, many are certified Payment Card Industry (PCI) Professionals, PCI Approved Scanning Vendors, and PCI Qualified Security Assessors. In addition, Moss Adams is a member of the American Institute of Certified Public Accountants (AICPA) and the Cloud Security Alliance, with professionals who are members of the AICPA’s Trust/Information Integrity task force and SOC 2® working group, and the Information Systems Audit and Control Association.

Insights

Article
Prepare for Third-Party Risk Management Challenges
Third-party service providers can help companies scale operations without the costly overhead, but not without inherent risks.
Article
Article
3 IT Risk Factors That Can Impact Financial Reporting
Avoid crippling cyberattacks and learn five critical steps to help reduce their cost and address risk factors.
Article
Article
The Many Benefits of Including IT Control Testing in Audits
Learn how including IT control testing in your financial statement audits could lead to greater data protection.
Article
Article
How to Integrate Cybersecurity with Your IT and Internal Audit Teams
Learn how IT and internal audit teams can better collaborate with one another to help strengthen cybersecurity.
Article
Webcast
IT Risks Impacting Financial Reporting
Help your company increase competitiveness with new strategies to address risks, regulations, and talent shortages.
Webcast
Article
C5 Compliance Can Increase the Transparency of Data Protection
The Cloud Computing Compliance Criteria Catalogue (C5) could increase customer security and result in time-saving measures.
Article
Article
Why Existing Compliance Programs Won’t Always Protect You from IT Risk
Don’t rely on a check-the-box strategy to mitigate threats and vulnerabilities. Bolster existing compliance programs.
Article
Article
SOC Reporting | Why a SOC Report Makes All the Difference
More and more companies are outsourcing services. Ideally, a third-party vendor would exert the same level of internal controls you would.
Article

Primary Contact

Chris Kradjan
Chris Kradjan
Partner
(206) 302-6511