In practically every company and organisation, Information technology (IT) is a vital part of the structure, involved in carrying out processes, accounting and reporting. That's why issues relating to the management and control of IT are high up on the management's agenda - and, no less often, high up on the list of the problems they have to deal with.
Corporate management is responsible for ensuring that the appropriate IT governance is in place. It is needed in order to help achieve corporate targets by means of the focused and cost-effective use of IT and to minimise and control all IT-associated risks. Effective measures and controls need not only to be in place but also to be enforced.
As an IT auditor we can assist you in monitoring, evaluating and optimising your IT systems, practices and operations with a special focus on the following areas:
- Audit of IT general controls in accordance with Swiss auditing standard PS 890
(evaluation of an ICS as part of audit mandates)
- Extensive collection and evaluation of evidence on the organisation, processes and controls in the IT area
- Collection and evaluation of programmed controls of IT applications and of the organisation and the ICS during their use
- Collection and evaluation of IT security
- Preparation of audit reports on the ICS of outsourcing services according to recognised auditing standards (ISAE 3402 / SSAE 16) and FINMA Circular 2008/7
- Analysis of "any" databases using the IDEA audit software
As an IT consultant we also provide you with support in the following areas:
- Optimum structuring of your organisation and processes in the IT area and on the organisational inclusion and management of IT (IT governance)
- Analyses and concrete suggestions as to the secure, efficient and cost-effective use of IT tools
- Development of IT strategies and concepts (incl. evaluation of IT solutions) and assistance with their implementation
- Management, controlling and review of IT projects