• Information Technology Audit

    Evaluate controls related to information technology

IT Assurance & Advisory

ASSURANCE :

BDO can assist boards and senior executives to better understand and manage their current Information Technology risks, by providing independent and expert IT control assessment and design tailor-made recommendations to align IT controls with industry standards, regulatory requirements and best practices

  • IT Audit – we evaluate the design and effectiveness of IT general computer controls related to business software, IT technical environment, as well as maturity of the various IT processes
  • IT Internal Audit – we provide IT internal audit services to clients who may not have the specialist resource internally.
  • Audit of Segregation of Duties – we evaluate the design and effectiveness of application security and controls, strengthening business controls and processes, and improving segregation of duties
  • Third party assurance – we issue third party independent assurance including ISAE 3402 / SSAE 16 and ISAE 3000 examinations as well as SOC 1, SOC 2 & SOC 3 reports
  • Audit of Systems Migrations – we evaluate the design and effectiveness of test plans and data conversions performed as part of major upgrade or software transformation
  • Data Analytics – we obtain and evaluate data in order to identify areas of key risk, fraud, errors or misuse; improve business efficiencies; and verify process effectiveness

 

ADVISORY : 

BDO can assist boards and senior executives to better understand and manage their current Information Technology risks, by providing independent and expert IT control assessment and design tailor-made recommendations to align IT controls with industry standards, regulatory requirements and best practices

  • Information Security Management – we help organisations identify risks and assess the controls they have in place to safeguard and secure information. Our range of services includes:
    • IT Security Risk Assessments – we focuses on a risk workshop structured around areas of the ISO 27001 IT security standard
    • Penetration Tests and Vulnerability Assessments - we provide both “external” and “internal” penetration tests and vulnerability assessments to help you assess your vulnerability to attacks originating from outside and within your private network. Our testing covers threats to both your network and web infrastructure
    • Information security policy and procedures – we assist implementing an Information Security framework (define policies and underlying procedures; evaluate level of monitoring, organise security awareness, …)
  • Business Continuity Management – we provide a range of services from assisting in the assessment of the suitability of plans to the development of plans from scratch
  • Regulatory assistance – we assist in identify all existing regulatory requirements applicable to your organisation which impact your IT environment and we help define solutions to address identified compliance gaps.