- Do you have total trust in your IT systems?
- Are they delivering the services you expect?
- To the required standard of quality and reliability? Do they adequately protect internal and customer data?
- Do you have appropriate and adequate controls in place?
- re you prepared to deal with major incidents such as a security breach or power outage? Should an incident occur, how confident are you that you can limit its impact and resolve it promptly?
Have you analysed or tested the robustness of your systems? Even a small IT audit can quickly highlight potential risk areas that require more in-depth review. It can also help make sure that your IT is reliable enough to support business operations.
How we can help
We can work with you to perform a rapid high-level IT audit or focus on a specific system or process to appraise its health. We can also verify that your IT is aligned with your business strategy and needs, and recommend areas for improvement. Together, we can make sure you optimise the value your IT brings to your organisation. Working with you to understand your business and ambitions, we tailor our approach to make sure it matches your specific context.
Across the complete IT spectrum
We can help you identify and tackle IT and information risks on every level, including:
- IT governance, IT risk management (in line with your enterprise risk management and risk appetite) and business alignment
- Security policies, standards and procedures, including information classification schemes and security awareness campaigns (e.g. through social engineering)
- IT management processes such as incident and problem management, development and change management, security administration, asset and configuration management, operations, disaster recovery and business continuity planning (DRP and BCP)
- In-house developed applications and standard software packages (for ERP, such as SAP, Oracle Financials, JD Edwards, as well as Axapta, Thaler, etc.)
- Operating systems, databases, middleware and networks
- Security and administration tools (e.g. directories, identity and access management solutions, public key infrastructures - PKI, intrusion detection systems and GRC solutions).
We call on tools and practice aids to achieve results quickly and to a high standard of quality. We have developed advanced proprietary methodologies to evaluate IT systems and processes, and offer a clear picture of the risks you face. We also use existing standards such as:
- COBIT (Control Objectives for IT)
- ITIL® (the IT Infrastructure Library)
- Sstandards from ISF (Information Security Forum)
- ISO such as ISO 27000 and ISO 20000
PwC is an accredited ISO assessor and can help you prepare for ISO 27001, ISO 27002 or ISO 38500 accreditation and certification.
ITIL® is a registered trademark of the PeopleCert group. Used
under licence from PeopleCert. All rights reserved.
Contact us
