IT Audit & Assurance

Strengthen the trust in your IT.

In today’s business world, companies are more dependent than ever on robust IT environments and applications. Digitalisation offers numerous benefits, including greater efficiency, reduced costs, better data management and increased customer satisfaction. However, these advantages also come with challenges such as potential risks and, depending on the industry, strict regulatory requirements.

As well as minimising your compliance risks, why not increase the security of your IT systems at the same time? Let BDO guide you as a strong partner. Our comprehensive IT audit and assurance services enable you to demonstrate the integrity and efficiency of your IT systems while meeting security and compliance requirements. We’ll help you strengthen your stakeholders’ trust in your IT.

Our services


Attestation / Non-Audit Assurance Engagement

Your customers expect not only first-rate service from you, but also the certainty that their data is secure and that your company complies with all the relevant standards or fulfils specific requirements. With BDO at your side, that is exactly what you can prove to them. We carry out an independent audit and attestation of your processes and control systems – our reports are based on international auditing standards. 

BDO offers you a wide range of specialised audits to corroborate the integrity and reliability of your services. These include the following provider checks:

  • ISAE 3402 control reports for processes relevant to the annual financial statements
  • ISAE 3000 control reports for all types of outsourced processes
  • SOC 1 and SOC 2 attestation services according to US standards


Regulatory audit

Regulatory audits must be carried out in compliance with legal and regulatory requirements. For the assessment of your internal control system (ICS) as part of the statutory audit, we examine the general IT controls in accordance with Swiss auditing standards. 

Examples of our regulatory audits:

  • Assessment of the general key controls within IT
  • Comprehensive assessment of central IT processes
  • FINMA Circular 2018/3 Outsourcing
  • FINMA Circular 2023/1 Operational risks and resilience – banks
  • Directives on information security and data protection audits of the Federal Social Insurance Office FSIO

iconIT audit

Our IT audit services focus on IT-relevant audit areas during the audit of annual financial statements and as an expert partner in the area of internal IT auditing. 

Examples of our services as part of the annual audit:

  • Assessment of the effectiveness of general IT controls in the audit areas of IT organisation, change management, access management and IT operations
  • Assessment of application controls as part of automated processes
  • Migration audits
  • Assessment of your business continuity management solution
  • Data analysis

Contact us

Key contacts