IT Audit

We offer IT auditing of the customer's Information Security Management system, which includes analyzing Infrastructure, Computer Centers, IT systems and applications. The audit might cover following areas: IT Governance, Software acquisition and development, testing and maintenance processes, IT operations and operational processes, Business Continuity and Restore and Recovery planning. The audits can be conducted on the company's premises and on the company’s outsourced partner side. The audit of outsourced engagement can include a review of agreements, outsourcing and purchasing routines as well as delivery of quality of IT services.

ISO 27001 Certification

We can provide IT audit support during the ISO 27001 certification process, which includes pre-audit, first and second-stage audits, and follow-up audits for the certified companies.

Advisory

Advisory services include an assessment and an evaluation of the effectiveness of customers' IT General Controls (ITGC) and Application Controls and reviewed in line with the support of international frameworks such as COBIT and ISO 27000 series. During the evaluation, an overall review of selected controls is carried out with the aim of demonstrating the effectiveness of the controls. In case of detection of any deficiencies, appropriate improvement measures will be proposed.

ICFR

We offer an integrated audit of the Internal Controls over Financial Reporting (ICFR). Our starting point is that your financial statements are prepared in accordance with generally accepted accounting principles, applicable laws and regulations and other requirements for listed companies. We can help you to achieve a reasonable assessment on your ICFR controls to be able rely on the quality of your financial data.

GDPR

By establishing a link between the ISO 27001 control framework and the General Data Protection Regulation (GDPR), we can effectively review how your company has adapted to GDPR or the Data Protection Regulation. The review can include identification of personal data, privacy impact analysis, review of rights and permissions, archiving and retention rules.

Risk Management

We can facilitate Quality and Risk Assessment meetings. We can help you create and implement a Risk strategy so that you will be able manage IT Risks adequately.