Approach and Methodology

Our systems and technology audit process is consistent with our overall audit approach in that it uses a top-down process that starts with understanding of key Management controls and identifying critical risk areas. Most systems and technology audit procedures take place in the following areas based on the needs of the engagement team

Critical Applications

  • IT DRP Controls
  • IT Strategy Planning
  • IT Steering Committee
  • Policies and Procedures
  • SDLC & Change Management
  • Access Controls
  • Backup and Contingency Planning

Business Continuity Management

Holistic management process that identifies potential threats to an organization and the impacts to business operations those threats, if realized, might cause, and which provides a framework for building organizational resilience with the capability of an effective response that safeguards the interests of its key stakeholders, reputation, brand and value-creating activities.

Technical Infrastructure

  • Problem & Incident Management
  • Operating System Controls
  • Database Security Controls
  • Data Centre Environmental Controls
  • IT Org Chant

System & Process Changes

  • Security Controls (e.g. Password, Auditing)
  • Data Encryption