IT audit and assessment

We undertake audits and assessments to confirm whether your organization is following the rules and regulations set by an external agency or authority. This is commonly referred to as a compliance test. Depending on your requirements, our auditors will ask CIOs, CTOs, IT Administrators etc. a series of questions over the course of an assessment to determine compliance.

Our IT audit services provide you with assurances that your corporate governance, IT risk management and internal IT controls operate effectively. We follow a structured approach based on industry best practice frameworks to provide an independent assessment of your compliance.

We examine:

  • Evaluation of IT controls
  • IT policy/procedure
  • IT vendor / IT procurement selection
  • Business continuity audit

IT security audit and gap analysis implementation methodology

We adopt a risk-based IT audit methodology encompassing a number of respected industry standard frameworks such as ISO/IEC 27001 and COBIT (as recommended by the Institute of Internal Auditors in the UK and Ireland). This ensures we cover a number of controls including technical, procedural and administrative.

The advantage of utilizing a structured and formalized framework is that it provides a transparent, repeatable and measurable structure for evaluating and improving internal controls.

The audit execution process:

  1. Defining the scope
  2. Planning - identify and assess adequacy of control design
  3. Control operating effectiveness tested
  4. Reporting

Examples of IT audit services we provide:

  • Onsite IT audit support and delivery
  • External IT audit support and delivery
  • Sarbanes and Oxley (SOX) audit
  • ISO/IEC 20000 IT Service Management