IT Risk & Assurance

Are you sure your systems won’t fail?

Assuring that your IT systems deliver what is expected and are aligned with your strategy and information security needs.

  • Do you have total trust in your IT systems?
  • Are they delivering the services you expect?
  • To the required standard of quality and reliability? Do they adequately protect internal and customer data?
  • Do you have appropriate and adequate controls in place? 
  • re you prepared to deal with major incidents such as a security breach or power outage? Should an incident occur, how confident are you that you can limit its impact and resolve it promptly?

Have you analysed or tested the robustness of your systems? Even a small IT audit can quickly highlight potential risk areas that require more in-depth review. It can also help make sure that your IT is reliable enough to support business operations.

IT Risk & Assurance. Are you sure your systems won’t fail?

How we can help

We can work with you to perform a rapid high-level IT audit or focus on a specific system or process to appraise its health. We can also verify that your IT is aligned with your business strategy and needs, and recommend areas for improvement. Together, we can make sure you optimise the value your IT brings to your organisation. Working with you to understand your business and ambitions, we tailor our approach to make sure it matches your specific context.

Across the complete IT spectrum

We can help you identify and tackle IT and information risks on every level, including:

  • IT governance, IT risk management (in line with your enterprise risk management and risk appetite) and business alignment
  • Security policies, standards and procedures, including information classification schemes and security awareness campaigns (e.g. through social engineering)
  • IT management processes such as incident and problem management, development and change management, security administration, asset and configuration management, operations, disaster recovery and business continuity planning (DRP and BCP)
  • In-house developed applications and standard software packages (for ERP, such as SAP, Oracle Financials, JD Edwards, as well as Axapta, Thaler, etc.)
  • Operating systems, databases, middleware and networks
  • Security and administration tools (e.g. directories, identity and access management solutions, public key infrastructures - PKI, intrusion detection systems and GRC solutions).
We call on tools and practice aids to achieve results quickly and to a high standard of quality

We call on tools and practice aids to achieve results quickly and to a high standard of quality. We have developed advanced proprietary methodologies to evaluate IT systems and processes, and offer a clear picture of the risks you face. We also use existing standards such as:

  • COBIT (Control Objectives for IT)
  • ITIL® (the IT Infrastructure Library)
  • Sstandards from ISF (Information Security Forum) 
  • ISO such as ISO 27000 and ISO 20000

PwC is an accredited ISO assessor and can help you prepare for ISO 27001, ISO 27002 or ISO 38500 accreditation and certification.

ITIL® is a registered trademark of the PeopleCert group. Used

under licence from PeopleCert. All rights reserved.

Contact us

Wim Rymen

Wim Rymen

Partner, PwC Belgium

Tel: +32 473 26 92 27

Jorgen Van den Langenbergh

Jorgen Van den Langenbergh

Senior Manager, PwC Belgium

Tel: +32 470 82 78 06

Connect with PwC Belgium