To serve our smaller customers in a cost-effective manner, we have broken out SOX into six affordable components. They can be started together or separately at any time. Each component has standalone value and deliverables, yet when combined they equal a complete SOX 404 self-assessment. There is no duplication of effort in any of the six projects! Each project also falls under PCAOB Auditing Standards whether Section 404 applies or not. So why wait? Early detection leads to early correction.
Whether you need the trust services assurance provided by SysTrust or WebTrust, or validation of financial controls provided by SAS 70 (either for internal use or to reassure your customers), our team of audit professionals can help you step through the audit process.
ISO 27001 is the newly published security standard that replaces ISO 17799 and BS 7799 as the only certifiable security governance standard. This new certification is fast becoming the most widely accepted proof of the quality of an organization's security program.
zSquad is at the forefront of ISO 27001 certification consulting. Our auditors can guide your company through the certification process and acceptance.
ISO 27001 certification preparation involves a six-stage progression:
- Define an Information Security program
zSquad will work with your company to evaluate your existing security program, including policies, procedures, standards, organizational structure and oversight. We will then prepare a detailed gap analysis to the ISO 27001 standard along with a project plan and strategy for bringing your program into compliance.
- Define scope of the Information Security management system
zSquad will work with you to define the organizational and technical areas of your company that will be included in the certification process.
- Perform an Information Security risk assessment
zSquad will conduct an assessment of all applicable areas of your company and identify areas of non-compliance and determine the risk levels.
- Manage the identified risk
Once zSquad has identified any areas of non-compliance, we will work with you to bring those risk items into compliance. We will then appropriately document all risk mitigations.
- Select controls to be implemented and applied
zSquad will then prepare you for the certification process by using the previously defined security program documentation to determine what areas of the ISO standard apply to your business.
- Prepare a Statement of Applicability
zSquad will then formally document the Statement of Applicability as the final stage of preparation for the official certification audit.
