TDI advised the Export-Import Bank of the U.S. on their architecture & practices for SAS 70 compliance and a better cybersecurity posture.

For the Export-Import Bank (the Bank), TDI helped performed a Design & Implementation Assessment of the IT General Controls over the core financial applications (F&A). In prior years, the Bank had relied on a SAS70 report performed on the service entity that hosted the production F&A environment and subsequently delivered it to the external auditor as part of the annual financial statement audit. As a result of bringing F&A in-house, the Bank sought assistance in understanding the audit implications of hosting the F&A internally. After the initial task of defining and assessing key controls that had previously been managed by the service entity, TDI mapped the applicable control domains from management interviews, the service audit report, SAS70s from similar hosting facilities of financial institutions, and the Bank’s process narratives. Once the key control domains and controls had been approved by management, TDI assessed the Design & Implementation by interviewing management and performing a ‘test of one’ to identify observations in the F&A production environment. Our report was used to guide the efforts of the internal IT audit contractors and prioritize remediation efforts.

Organizations today face a variety of demands for internal audits — including new laws and regulations, competitive pressure and technological change. TDI has the technical skills and industry knowledge to help our clients develop and improve internal audit functions with quality, efficiency and effectiveness. Our services include instituting risk-based IT audit strategies; performing IT audit projects; and providing ongoing expertise through co-sourcing arrangements. Our methodology can produce significant, measurable impacts on the cost effectiveness of the IT audit function and its value to our clients’ internal control and corporate governance.

Testimonials

Don’t take it from us, hear what our clients have to say about TDI

“TDI’s approach to Managed Cybersecurity Performance (MCP) has been a game changer for us. We now have added visibility and insight to better understand risk and the ROI (return on investment) we’re receiving from our other security provider. Our security program continues to mature and we’re able to maintain continuous compliance. MCP gives me one less thing to worry about and frankly makes my job easier.””
Johnny Yang
Director Information Security & Compliance
“TDI always provides top notch personnel that meet or exceed the requirements of the contract. Their deliverables, reports, and technical aptitude are bar none. We will continue to hire TDI … they always come through for us and our end customers.”
Emilio Gonzalez
Joint Strike Fighter Program Manager
“[TDI Employee] You are the Man !! Thanks so much for the quick turn around.”
W.A. Harrison
USAJOBS Program Office Deputy Program Director
“The most appealing part of the engagement was the development of the 10-year strategic security plan for our mutual client. The quality of the thinking and input into the deliverables was exceptional.”
Bruce Gnatowski
Director Verizon Global Services
“On behalf of MCSC, PdM TFITS, Manpower Team, I would like to express our appreciation for the excellence in leadership & teamwork demonstrated by [TDI Staff] over the past 18 months. Her role as a lead IA professional was carried out in a manner above and beyond expectations.”
Beverly Walker
USMC Manpower Branch Manager
“Highly skilled and knows their work. . . exceptional at task preparation & reduced time to perform tasks by 90%. TDI brings quality & care to the table. Lots of companies have good people, but TDI employees really care about the work they do & the collective customers we support.”
Deron Burba
Smithsonian CIO
“TDI and its staff provided high quality testing engagements followed up by concise easy to understand reports. They clearly showed adherence to tasks schedule and offer adequate frequency of client/customer interaction resulting in a very satisfied customer.”
Carla Little-Kopach
Chief, DARPA SSO BPA
“TDI has proven an invaluable asset to the mission of the CTO…have strengthened the overall IA posture of the DEA Enterprise…and continues to further innovate and provide solutions that help sharpen the overriding information technology goals and mission of the Office of the CTO.”
Mark Shafernich
CTO, DEA

Related Case Studies

All Case Studies
The IMF Identifies monetary risk globally. TDI ID’ed cyber risk for the IMF

Across internal systems, public facing applications, networks, and mobile devices, TDI has provided risk and vulnerability assessment services to scores of the IMF’s IT assets.
TDI helped USAC so they could help those in need in the U.S.

TDI provided a broad range of cybersecurity compliance and technical services to USAC so they could securely fund the mission of the FCC to support urban, poor, and educational communities.
We’ve fortified Smithsonian’s cyber for the better part of 2 decades

Our engineers have been embedded at Smithsonian longer than much of their own staff & we appreciate this honor & their trust to provide A&A, pen testing, training, business continuity, & more.

nSights Report


X