IT System Audit, Review and Assessment

IT audit and information system security services deal with the identification and analysis of potential risks, their mitigation or removal, with the aim of maintaining the functioning of the information system and the organization's overall business.

Our services include:



    IT System Audit, Review and Assessment
    IT Risk Management
    IT Due Diligence
    Vulnerability Assessment and Penetration Testing
Odoo • Text and Image
Odoo • Image and Text

The goals 

  • Systematize, improve and integrate business procedures and the coverage of business information in the information system
  • Identify risks and weaknesses, thus enabling the definition of solutions for introducing controls over processes supported by IT
  • Accelerate the business information collection process
  • Centralize the control system and eliminate bottlenecks in information flow through the IS
  • Regulatory compliance
  • Reduce IT-related costs, as they represent a significant proportion of the organization's total costs
  • Ensure information confidentiality, integrity and availability
  • Assess ERP system before and after implementation
  • Align IT assessment and IT strategy
  • Attain IT management standards

Our approach:

  • Testing logical and physical security controls
  • Testing IT operations
  • Testing disaster recovery procedures
  • Testing business continuity
  • Data integrity assessment (process assessment, controls identification...)
  • Assessment of controls over critical system platforms, network and physical components, IT infrastructure supporting relevant business processes
  • IT strategy preview
  • IT organization review (organizational structure, leadership...)
  • IT process review (helpdesk, service management, application management oversight)

Results:

  • Reliable IT controls and risk management capability
  • Security information management enabled
  • Improved data availability and integrity
  • Improved ability to enter new markets
  • Enhanced reputation
  • Long-term savings
  • Revenue growth

Key areas:

  • Security and Privacy (Information leakage prevention, Security of changes, Biometrics and identity management)
  • Data (Data privacy, Data quality, Data access)
  • Resilience and Continuity (Recovery after IS failure, Resilience and preparedness, Testing, drills and simulations)
  • Fraud (IT forensics, Fraud risk management)
  • Payments (Payment risk management, PSD/SEPA preparedness, Sanctions OFAC)
  • Projects and Testing (Project risk management, Test management, Implementation of tests)
  • Contracts (Contracting risk, Supplier risk management)
  • IT Controls (Controlling changes, Technology risk management, Organization-level risk management, IT internal audit)