IT Audit, expertise & investigation

Support to the Internal Audit Department

• Definition and implementation of an internal audit process according to IIA / ISAI best practices
  
• Elaboration of an internal audit strategy integrating:
  
  • New and upcoming technology-related topics that will have to be audited
    
  • Continuous improvement of internal audit processes, tools and staff
• Integration of internal audit with the major processes of the company:
  
  • Risk Management: ERM & ORM
  • Information security and positioning of internal audit
  • Portfolio management of services and projects
• Development of IT controls and IT control self-assessment questionnaires

Customized general computer audits

• Business Processes and underlying IT services
  
  • End-to-end Billing systems
  • Order-to-cash and value chain
  • Supply chain management
    
  • Accounts Receivable and Accounts Payable
  • CRM and customer relationship management, contracts and products
• Audit of IT costs (organizations, projects and services)
  • Evaluation of IT costs
    
  • Identification of action points for cost-based IT strategy management
• Audit of strategic IT projects and project management methods
• Audit of Business Process Continuity (ISO 22’301) and IT Services
• Information Security and cybersecurity audits (ISO 27’001, NIST)
  
• GDPR DPIA (Data Protection Impact Assessment)

Special investigations on a case-by-case basis

• Financial fraud, analysis of business processes and IT
• Technical fraud (cyber and telecoms)
• Post-mortem analysis and information systems security concepts

SAP Security audit

• GRC Audit
• Data security
• User and access management