Their success is dependent on information technology. The complexity of the IT environment is due to globalisation, new business models and digitalised business processes. In addition to the benefits, there are also threats and risks that can lead to significant financial and reputational losses.
An IT audit is one of the tools that can help you manage these threats and risks and ensure efficient use of your resources. An IT audit provides an objective assessment of your IT environment and infrastructure, as well as your policies and procedures, their relevance to your objectives, and generally accepted practices and industry standards.
Our IT audit approach aims to first isolate the risks associated with the IT systems and IT processes through a mapping of the IT relevant processes, known as scoping. In the second step, the dependency of the processes on the essential applications is determined. Indicators for determining this dependency are, for example, the number of transactions per day, the number of users and the presence of web applications or ERP systems.
Here we examine the following areas:
- IT infrastructure
- Access control
- Data backup
- IT failure
- IT security
- Outsourcing (where relevant)
- Change management (programme change, test and release procedures)
On a case-by-case basis, we check the interfaces between IT systems, data migration when converting ERP systems, etc. In this way we contribute to the optimisation of processes and the increase of your business success.
We conduct our audits in accordance with recognised guidelines and standards, such as ISA 315 and IDW PS 330 and, if software is to be audited, in accordance with IDW PS 880.