IT Compliance

Services > Consulting > Risk & IT Compliance > IT Compliance
CSA Star Certification FedRAMP Advisory GovRAMP Advisory HIPAA Compliance HITRUST CSF PCI DSS

Move Forward with Peace of Mind

In an increasingly complex regulatory environment, compliance risk management is essential, whether to meet statutory requirements, adhere to best practices in corporate governance, or reduce reputational risk.

Our IT auditors can address any aspect of compliance, from financial audit and public company audit requirements to IT internal control validation and audits for businesses seeking to enhance their marketplace credibility.

Support Across Key Frameworks

Moss Adams ranks as one of the few CPA firms globally validated as assessors for key frameworks, including Systems and Organization Controls (SOC) examinations—SOC 1®, SOC 2®, and SOC 3®, PCI DSS, HITRUST CSF®, HIPAA, NIST, and CSA STAR, FedRAMP , and GovRAMP services.

Our services leverage the overlap in compliance frameworks to help drive efficiency and reduce burdens on internal teams that can accompany contracting with multiple firms for various frameworks.

Services provide support for overlap of multiple compliance frameworks.

Expansive IT Compliance Experience

Our IT auditors specialize in a variety of industries and hold credentials in a number of IT compliance disciplines.

For example, many are certified Payment Card Industry (PCI) Professionals, PCI Approved Scanning Vendors, and PCI Qualified Security Assessors. In addition, Moss Adams is a member of the American Institute of Certified Public Accountants (AICPA) and the Cloud Security Alliance, with professionals who are members of the AICPA’s Trust/Information Integrity task force and SOC 2® working group, and the Information Systems Audit and Control Association.

Insights

Article
Tips to Assess Third-Party Risk Management
Third-party service providers can help companies scale operations without the costly overhead, but not without inherent risks.
Article
Article
Avoid IT Risks in Financial Reporting
Avoid crippling cyberattacks and learn five critical steps to help reduce their cost and address risk factors.
Article
Article
Unexpected Benefits of IT Control Testing
Learn how including IT control testing in your financial statement audits could lead to greater data protection.
Article
Article
Reduce Cyberthreats Through Collaboration
Learn how IT and internal audit teams can better collaborate with one another to help strengthen cybersecurity.
Article
Webcast
Combat Cyberthreats to Financial Reporting
Help your company increase competitiveness with new strategies to address risks, regulations, and talent shortages.
Webcast
Article
C5 Could Increase Data Transparency
The Cloud Computing Compliance Criteria Catalogue (C5) could increase customer security and result in time-saving measures.
Article
Article
Perform a Comprehensive IT Risk Assessment
Don’t rely on a check-the-box strategy to mitigate threats and vulnerabilities. Bolster existing compliance programs.
Article

Primary Contact

Photo of Chris Kradjan
Chris Kradjan
Principal
(206) 302-6511

Baker Tilly US, LLP, Baker Tilly Advisory Group, LP and Moss Adams LLP and their affiliated entities operate under an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable laws, regulations and professional standards. Baker Tilly Advisory Group, LP and its subsidiaries, and Baker Tilly US, LLP and its affiliated entities, trading as Baker Tilly, are members of the global network of Baker Tilly International Ltd., the members of which are separate and independent legal entities. Baker Tilly US, LLP and Moss Adams LLP are licensed CPA firms that provide assurance services to their clients. Baker Tilly Advisory Group, LP and its subsidiary entities provide tax and consulting services to their clients and are not licensed CPA firms. ISO certification services offered through Moss Adams Certifications LLC. Investment advisory offered through either Moss Adams Wealth Advisors LLC or Baker Tilly Wealth Management, LLC.