Information Technology


Comprehensive consulting for a changing world.

Our team can help navigate the otherwise overwhelming world of information technology to maximize your operations. Trust the expertise and deep industry leadership of the best minds at our firm to create a comprehensive IT strategy for a digital and technological transformation of your organization that goes in line with your business objectives. Use the expertise and deep industry leadership of the best minds at our firm to create a comprehensive IT strategy for a digital and technological transformation of your organization that goes in line with your business objectives. Our strategic IT consulting will help you automate and digitalize operations, optimize the software portfolio, and implement the latest technologies.


Cybersecurity is part of the critical operation of most entities. It encompasses everything that pertains to protecting your sensitive data, personally identifiable information (PII), protected health information (PHI), personal information, intellectual property, data, and governmental and industry information systems from theft and damage attempted by criminals and adversaries.


Our IT Risk Consulting Division aligned with frameworks like ISO 27001, NIST, SOX, COBIT, HIPAA, and others will provide to your entity the best assurance of your Governance, Risk, and Compliance structure.

IT Risk Assessment

An IT risk assessment does more than just tell you about the state of security of your IT infrastructure; it can facilitate decision-making on your organizational security strategy. Conducting an IT risk assessment can help identify security threats and vulnerabilities, and locate vulnerabilities in your existing IT infrastructure and enterprise applications before these are exploited by hackers. 

Business Continuity

Business continuity is an organization’s ability to ensure operations and core business functions are not severely impacted by a disaster or unplanned incident that take critical systems offline. Business continuity planning is the interdepartmental process, often led by information technology, of implementing the tactics used to restore normal business in a set amount of time, define the amount of data loss acceptable to the business, and communicate critical information to organizational stakeholders during and following incidents.

Penetration Testing

A penetration test assesses the effectiveness of security controls by simulating a real-world attack that mimics current adversary techniques. Penetration testing is useful for illuminating unknown security weaknesses that could result in a compromise. FPVG is uniquely positioned to spot gaps and anticipate shifts in security trends across our diverse customer base and industries served.

Vulnerability Assessment

Our team will expertly perform a systematic review of security weaknesses in your information system and work with you to improve it. This type of assessment evaluates if your system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and recommends remediation or mitigation, if and whenever needed.

Phishing Testing

Phishing is big business. Attacks have shown record growth in recent years, and a solid security awareness program is an integral part of any defense-in-depth strategy. A Phishing Security Test is a tool that can determine the vulnerability level of your network by giving you an indication of how many people may be susceptible to an email-born social engineering attack. 

Sarbanes Oxley (SOX)

We are also a qualified firm with expertise in the Sarbanes-Oxley Act of 2002 (SOX) compliance testing and project management background to perform compliance testing services (in accordance with SOX Section 404).


SSAE stands for Statements on Standards for Attestation Engagements, and SSAE 16 is an attestation standard established by the American Institute of Certified Public Accountants (AICPA) to report on the controls and services provided to customers by service organizations. SSAE 16 replaced the SAS 70 audit standard. SSAE 16 compliance requires the service organization’s management to provide a written assertion about the fair presentation of the information system’s design, controls, and operational effectiveness in addition to previous requirements. Trust our team of experts to guide you through the process and stay compliant. 

IT Policies and Procedures

The goal of IT policy and procedure is to maximize IT value and promote the most productive usage of IT products and services. IT management policies, and related procedures, are often used to limit and control technology utilization to its healthiest team applications, lower operating costs, and limit risk exposure (financial, security, and otherwise). They are, therefore, a necessary element in your organization that can promote productivity, minimize redundant work effort, and deliver consistency in performance and results.

Team Certifications

Our team is composed of highly qualified professionals with the following certifications:

  • CPA
  • CIA
  • CISA
Contact Us

Explore more at FPV&G

Specialized Industries

Our firm has worked with partners across many industries and of all shapes and sizes. From small private companies to government agencies, to massive healthcare and consumer companies, to nonprofit and everything in between. See our list of industry specialties to learn more.

Learn More

Meet Our Team

Meet our firm’s leadership and the amazing talents that make our firm one of the most prominent accounting and consulting firms in Puerto Rico. Our highly qualified partners holds over a century of combined professional experience, which firmly supports our proven record of success.

Learn More

Explore Careers With Us

Looking to further your career at a place of excellent reputation and with an amazing culture? Join our team of top-notch professionals in the field of accounting, audit, tax, management consulting and more, and learn how our multidisciplinary approach makes us such a strong industry leader.

Learn More