IT Risk & Assurance

Are you sure your systems won’t fail?

Assuring that your IT systems deliver what is expected and are aligned with your strategy and information security needs.

  • Do you have total trust in your IT systems?
  • Are they delivering the services you expect?
  • To the required standard of quality and reliability? Do they adequately protect internal and customer data?
  • Do you have appropriate and adequate controls in place? 
  • re you prepared to deal with major incidents such as a security breach or power outage? Should an incident occur, how confident are you that you can limit its impact and resolve it promptly?

Have you analysed or tested the robustness of your systems? Even a small IT audit can quickly highlight potential risk areas that require more in-depth review. It can also help make sure that your IT is reliable enough to support business operations.

Men working on computers and flow charts in back on wall

How we can help

We can work with you to perform a rapid high-level IT audit or focus on a specific system or process to appraise its health. We can also verify that your IT is aligned with your business strategy and needs, and recommend areas for improvement. Together, we can make sure you optimise the value your IT brings to your organisation. Working with you to understand your business and ambitions, we tailor our approach to make sure it matches your specific context.

Across the complete IT spectrum

We can help you identify and tackle IT and information risks on every level, including:

  • IT governance, IT risk management (in line with your enterprise risk management and risk appetite) and business alignment
  • Security policies, standards and procedures, including information classification schemes and security awareness campaigns (e.g. through social engineering)
  • IT management processes such as incident and problem management, development and change management, security administration, asset and configuration management, operations, disaster recovery and business continuity planning (DRP and BCP)
  • In-house developed applications and standard software packages (for ERP, such as SAP, Oracle Financials, JD Edwards, as well as Axapta, Thaler, etc.)
  • Operating systems, databases, middleware and networks
  • Security and administration tools (e.g. directories, identity and access management solutions, public key infrastructures - PKI, intrusion detection systems and GRC solutions).
Man showing woman with blue clothes a report

We call on tools and practice aids to achieve results quickly and to a high standard of quality. We have developed advanced proprietary methodologies to evaluate IT systems and processes, and offer a clear picture of the risks you face. We also use existing standards such as:

  • COBIT (Control Objectives for IT)
  • ITIL (the IT Infrastructure Library),
  • Sstandards from ISF (Information Security Forum) 
  • ISO such as ISO 27000 and ISO 20000

PwC is an accredited ISO assessor and can help you prepare for ISO 27001, ISO 27002 or ISO 38500 accreditation and certification.

Contact us

Ingvar Van Droogenbroeck
Partner, PwC Belgium
Tel: +32 2710 7204
Email

Follow PwC Belgium