IT Compliance

In an increasingly complex regulatory environment, compliance risk management is essential, whether to meet statutory requirements, adhere to best practices in corporate governance, or reduce reputational risk.

Our IT auditors can address any aspect of compliance, from financial audit and public company audit requirements to IT internal control validation and audits for businesses seeking to enhance their marketplace credibility.

Moss Adams ranks as one of the few CPA firms globally validated as assessors for key frameworks, including Systems and Organization Controls (SOC) examinations—SOC 1®, SOC 2®, and SOC 3®, PCI DSS, HITRUST CSF®, HIPAA, NIST, and CSA STAR, and FedRAMP services.

Our services leverage the overlap in compliance frameworks to help drive efficiency and reduce burdens on internal teams that can accompany contracting with multiple firms for various frameworks.

Our IT auditors specialize in a variety of industries and hold credentials in a number of IT compliance disciplines.

For example, many are certified Payment Card Industry (PCI) Professionals, PCI Approved Scanning Vendors, and PCI Qualified Security Assessors. In addition, Moss Adams is a member of the American Institute of Certified Public Accountants (AICPA) and the Cloud Security Alliance, with professionals who are members of the AICPA’s Trust/Information Integrity task force and SOC 2® working group, and the Information Systems Audit and Control Association.