Auditing with less disruption and more insight
As your technology company evolves, so do your IT-related risks.
Assurance builds trust with stakeholders, customers and investors that your tech firm maintains effective controls and compliance. But it also builds confidence internally, giving you peace of mind that you have the appropriate measures in place to secure the data you use.
If your organization is ready to prove your commitment to security, Wipfli can help.
Why Wipfli?
Wipfli’s technology assurance team applies our extensive experience in a wide range of industries to complete your audit skillfully and with minimal disruption.
We use technology to deliver a streamlined auditing process, providing you with a single platform to submit questions and gain high-level visibility into the progress of your engagement. We also offer professional project management that can help you navigate multiple or more complex engagements.
And our services go beyond reporting to provide best practices and practical recommendations for enhancing compliance and controls
How we help
As one of the longest-tenured HITRUST assessor firms, Wipfli’s experienced team has provided guidance and support on over 200 HITRUST assessments.
Our team combines deep knowledge of the HITRUST framework and experience designing and implementing security controls. And we can help you throughout your HITRUST project, from assessing readiness all the way through to certification.
As part of our HITRUST services, we can support you with:
- Readiness assessments for your e1, i1 or r2 certification
- Gap remediation assistance (e.g., policy and procedure development, vulnerability testing, BCP/DR plans, security awareness and training, incident response plans and privacy compliance)
- Validated assessments
- Interim assessments
- Bridge assessments
Minimize risk and strengthen your reputation with Wipfli’s System and Organization Controls (SOC) examination services. Our experienced team is ready to help your firm evaluate internal controls and gain valuable insights into your organization’s security.
We have extensive experience in SOC audits, including:
- SOC 1
- SOC 2
- SOC 3
- SOC2+ engagements utilizing a common framework (e.g., HIPAA, HITRUST, CSA, NIST)
Wipfli’s IT audit solutions can help you meet and exceed regulatory requirements.
With Wipfli engagements, we do more than just evaluate your environment. We provide you with actionable recommendations for mitigating risk in a way that’s easy for you to understand and implement.
We can provide your company with:
- IT controls reviews
- IT risk assessments
- Physical penetration testing
- IT FDICIA testing
- IT SOX testing
- Pretext calling
- Internal vulnerability scanning
Our team
Paul J. Johnson, CPA
Paul Johnson works with clients to assess, improve, and test their information security and risk management systems. He also helps clients determine their compliance with health care security requirements including HIPAA and HITRUST.
Mary Beth Marchione, CPA, CISA, CISSP
Mary Beth Marchione is a senior manager with over 12 years of experience in risk advisory services related to information technology (IT) audits, System and Organization Controls (SOC) reports, regulatory reporting and risk mitigation.
Karen Johnston, CCSFP, CIA, CISA, CCSFP-CHQP
Karen has more than 15 years of experience in public accounting and private industry. She applies her experience in risk advisory services and assists her clients in protecting and tailoring their business environment to mitigate risk, identify trends, increase efficiencies, and gain a competitive advantage.
Angela Haasch, CCSFP
Angela Haasch is a versatile management consulting professional with over 10 years of experience helping organizations with risk advisory services, project management, process improvement, and technology initiatives.
Client success story
Learn how Wipfli helped AccuWeather eliminate hours of manual work.
