Information Technology Consulting

The alignment of your IT investments with business goals is critical. From high level issues involving strategic decisions, controls and project management, to operational details concerning information security and e-commerce, the information technology consulting group at BNN can help you align your information technology objectives with your overall business plan.

Our consultants have extensive backgrounds in information technology controls, data processing, operations and security, along with highly effective project management skills.  The consultants hold relevant industry credentials including Certified Public Accountant (CPA), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Penetration Tester (CPT) and Certified Ethical Hacker (CEH).

Our integrated set of services, objectivity as a result of vendor independence, in-depth experience with current technologies and knowledge of diverse industry sectors uniquely qualify BNN to meet your information technology consulting needs.

BNN brings a proper perspective and distinct intelligence to this process, which I find refreshing; our SAS 70 process would have become stagnant otherwise.

- Chief Security Officer of a financial services client on working with BNN IT consultants

Our experts provide the following services to clients to help them meet their business objectives:

• Internal control services including SSAE 16 (SOC) examinations and readiness reviews
• General control reviews
• Outsourced internal technology audits
• Compliance assessments including:
  • HIPAA privacy & security assessments
  • Gramm-Leach-Bliley Act (GLBA) assessments
  • Payment Card Industry (PCI) compliance assessments
• Disaster recovery & business continuity planning services
• Electronic Health Records (EHR) controls assessments

• Risk assessments including:
  

  • Enterprise risk assessment
  • IT department assessment
  • IT governance assessment
  • Information systems risk assessment
• Needs assessment and system selection services
• Penetration and vulnerability testing services

We also provide a full range of information technology consulting services to financial institutions and healthcare entities.

Our consultants provide clients with the perfect blend of individual expertise, industry experience and service to ensure successful projects.

Related Resources   (Read More in Our Library)

• Changes to Service Organization Control reports: Avoiding mismatched SOCs
• Don’t worry so much about PCI-DSS compliance!
• 5 Recommendations for Mobile Computing Devices in the Workplace
• Password Security for the End User
• Payment Card Industry Data Security Standards
• Risk Assessment for HIPAA and HITECH Act
• SOC it to me! Are you ready for changes to the Service Organization Control standards?

Lead Contact

Patrick A. Morin

Principal

Pat began at Baker Newman Noyes in 1995 when the firm was founded, having previously been with KPMG, one of our predecessor organizations since 1988. He is a Principal of the firm and the Director of the Information Technology Consulting Division

Team Members