|
Technology risk advisory
There is an increasing reliance on Information Technology (IT) as an essential business tool to satisfy many business expectations, including winning new business, saving costs through greater efficiencies and improving communication throughout distributed offices. Obtaining adequate protection against threats on the control and security of your IT systems is therefore imperative in providing you with confidence that your IT system will function in accordance with your expectations. Our Business risk services professionals can give you assurance over the risks you face. We help you improve the control and security of your information systems, building robust defences against the array of external and internal threats. Our Technology risk advisory services include: - IT governance – evaluate, identify and establish essential controls that address systems development and acquisition, systems maintenance, information systems management and operation, logical and physical security, backup and disaster recovery.
- IT security - identify areas of weakness, design and implement security solutions and monitor threats in order to protect your information assets. This may be based on recognised standards such as ISO17799.
- Business continuity management – increase resilience to disasters such as power failures or fire through planning and developing prioritised strategies.
- Implementation effectiveness - Pre- and post-implementation reviews to determine the effectiveness and reliability of a system change.
- System, platform and application review – identify business risks at a process level and evaluate the design and implementation of control solutions to mitigate those risks.
- IT internal audit – provide IT Internal Audit Co-Sourcing and Outsourcing functions, leveraging from our IT audit knowledge base and sophisticated methodologies.
Technology risk assurance services
Your business may be required to obtain assurance in order to comply with laws and regulations or alternatively you may wish to gain particular certification regarding the quality of your systems to use as evidence in support of your references to customers. Our Technology risk assurance services include: - Agreed-upon procedures - may cover specific accounts, classes of accounts, accounting processes or technology processes. The result is assurance and comfort that financial and IT operations are performed according to procedures.
- SAS 70 Review - authoritative guidance that allows service organisations to disclose their control activities and processes to their customers and their customers' auditors in a uniform reporting format.
- E-trust services - for enabling private, encrypted communications and secure transactions.
- Technology due diligence – assessment for corporate transactions where technology is a core part of the business.
If you wish to know more about our Business risk services, please contact: Patrick Rozario
T +852 2218 3118
E patrick.rozario@gthk.com.hk Chris Tam (Shanghai)
T +86 21 2322 0223
E chris.tam@gthk.com.hk Gordon Hau
T +852 2218 3403
E gordon.hau@gthk.com.hk Ron Ho (Shanghai)
T +86 21 2322 0267
E ron.ho@grantthornton.com.cn
|
