Information Technology Audit

Solutions

Information Technology Audit

Evaluate controls related to IT

In today’s complex business environment, organisations are constantly challenged with an increasing number of information technology risks, including security threats, regulatory and legislative compliance.

To support business objectives and demonstrate compliance, organisations must implement and maintain a reliable IT control environment.

How Deloitte can help?

Deloitte can assist boards and senior executives to better understand and manage their current Information Technology risks, by providing independent and expert IT control assessment and design tailor-made recommendations to align IT controls with industry standards, regulatory requirements and best practices:

  • Ad-hoc IT Audit – flexible and collaborative approach to support an organisation’s Executive Management or specific function (e.g. IT, Internal Audit, etc.) where we provide advice, leading practices, and experienced professionals with industry and specialised capabilities
  • Independent Assurance for Service Organisations – SOC 1, SOC 2 and SOC 3 third party assurance reports issued under ISAE 3402 / SSAE 16 or ISAE 3000 standards can assist service organisations to demonstrate IT compliance to third parties

Deloitte proposition overview

  • IT Audit – Evaluate the design and effectiveness of IT general computer controls related to business software, IT technical environment, as well as maturity of the various IT processes
  • Audit of Segregation of Duties – Evaluate the design and effectiveness of application security and controls, strengthening business controls and processes, and improving segregation of duties (T24, Olympic, SWIFTAlliance, SAP, PeopleSoft, etc.)
  • Service Organisation Control (SOC) reports including ISAE 3402 / SSAE 16 examinations as well as SOC 2 & SOC 3 reports
  • Audit of Systems Migrations – Evaluate the design and effectiveness of test plans and data conversions performed as part of major upgrade or software transformation
  • Data Analytics – Obtain and evaluate data in order to identify areas of key risk, fraud, errors or misuse; improve business efficiencies; and verify process effectiveness
     

Contacts

Roland Bastin

Roland Bastin

Partner | Information & Technology Risk

Roland is a partner within the advisory and consulting department and joined the Risk Advisory practice of Deloitte in 2001. He is responsible for IT audit, IT security, IT regulatory compliance, Data... More

Stéphane Hurtaud

Stéphane Hurtaud

Partner | Information & Technology Risk

Stéphane is a partner within our Risk Advisory practice. He has over 21 years of experience in the IT risk, Information Security and IT audit fields, with a strong focus on the financial services indu... More

Maxime Verac

Maxime Verac

Senior Manager | Information & Technology Risk

Maxime Verac is a Senior Manager within Deloitte’s Information & Technology Risk services in Luxembourg. He has 10 years of experience in Information Security. During the last 10 years, as a consultan... More