IT internal audit

Solutions

IT internal audit

Strategic plan using a risk-based approach

The ever-increasing complexity of information and communication technology (ICT) and security risks presents new challenges for an organisation’s internal controls function, including Internal Audit (IA).

Introduction

Recent regulatory developments in the financial sector such as the CSSF Circular 20/750 implementing EBA Guidelines on ICT Security and Risk Management emphasize the importance of the internal audit function to provide independent
assurance on the control environment effectiveness to the management body.

In this context, effective information technology internal auditing requires thorough planning coupled with nimble responsiveness to quickly changing risks. Following a risk-based approach, an organisation’s IA plays a critical role in helping review and provide independent assurance that ICT and security-related activities are compliant with organisation’s policies, procedures, and external requirements.

Supervisory authorities (in Luxembourg and Europe) monitor closely how organisations cover their ICT risks when defining their multiannual internal audit plan using a risk-based approach.

Learn more about how Deloitte can help you (attached flyer) and do not hesitate to contact one of our experts.

PDF - 728kb

Contacts

Stéphane Hurtaud

Stéphane Hurtaud

Partner | Cyber Security Leader

Stéphane is a partner within our Risk Advisory practice. He has over 21 years of experience in the IT risk, Information Security and IT audit fields, with a strong focus on the financial services indu... More

Onur Ozdemir

Onur Ozdemir

Director | Risk Advisory

Onur is a Director within our Risk Advisory department, where he focuses on Information & Technology Risk. He joined Deloitte Luxembourg’s risk management service line in July 2012. Onur has 12 years ... More

Roland Bastin

Roland Bastin

Partner | Forensic & Risk Advisory

Roland is a partner within the advisory and consulting department and joined the Risk Advisory practice of Deloitte in 2001. He is responsible for IT audit, IT security, IT regulatory compliance, Data... More

Laurent Berliner

Laurent Berliner

Partner | EMEA FSI Risk Advisory Leader

Beside his service responsibilities for many of our clients, Laurent leads the international relations of our Luxembourg firm to sustain our international development from a client, service, talent an... More