Grant Thornton’s Business Risk Services team provides IT audit, security and control services to help our clients’ technology and risk functions to implement effective IT controls, mitigate risk and provide critical reviews of existing control frameworks.
Information technology can provide competitive advantages in today’s environment but the risks involved with IT systems need to be managed. Successful organisations recognise not only how to use IT to achieve their strategic goals, but how to manage the associated risks.
Grant Thornton can help your organisation to manage IT-related risks and assist you in understanding the importance of control over information systems and your technology infrastructure. Although our approach is tailored to meet the specific needs of each client, we focus on providing the following services:
- critical review of existing IT control frameworks and design of IT controls;
- documenting of IT controls and creating formal IT control frameworks from existing ad-hoc controls;
- auditing of an organisation’s existing IT controls and remediation of IT control gaps and deficiencies;
- planning and reviewing segregation of duties and appropriateness of user access rights;
- advice on managing IT security;
- reviewing internal and external network security;
- advice on the formulation and implementation of effective information security policies;
- advice on the design and implementation of backup, business continuity and disaster recovery plans; and
- review of change management process and IT project lifecycle reviews.