The process of reviewing the client’s information systems facilities in light of acceptable operating procedures and insuring that the site is safe and secure, and that processes conform to generally accepted practices is called the Information Systems Review. The review also attempts to insure that there is proper back-up of program and information files, an alternate processing site, and that the facilities have been properly tested. The firm will review security procedures, passwords, access codes, and so forth.

The IS Review is the first level and should be performed every few years. For larger institutions over $100 million, the IS Review should be done every one or two years, with a full IS Audit in the intervening years. The IS Review is an interview and walk-through process. The interviewer does not validate all the answers given, but simply records and observes with random checks for security. A walk-through is done to validate that terminals and printers are secure, and that confidential data is being managed properly.

The firm conducts IS Reviews for several financial institutions each year. The firm also provides services through Certified Public Accounting firms for their clients to augment current accounting reviews and audits.