IT Audit Services

The IT World

  • Computers have matured from being merely data processing systems to the situation now where they collect, store and provide ready accesses to large amounts of data. This data is used in decision making and operating organizations’ core business functions. Computers today communicate with each other and exchange data over networks – both public and private.
  • In a typical IT system, especially when implemented in an environment of inadequate controls, the audited entity faces many risks that an IT auditor should be able to identify. Even when the audited entity has implemented some risk-reduction measures, an independent audit is required to provide assurance that adequate controls (General Computer Controls and/or Application Controls) have been designed and are operated to minimize the exposure to various risks.


IT Governance

  • IT Strategy and Planning
  • Organisational structures, Standards, Policies and Procedures
  • Internal Control
  • Investment Decisions
  • IT Operations
  • People and Resources

IT Operations

  • IT Service Continuity management
  • Service Level Agreement
  • Information Security Management
  • Capacity Management
  • Problem and Incident Management
  • Change Management

Development & Acquisition

  • Requirements Development & Management
  • Project Management & Control
  • Quality Assurance & Testing
  • Solicitation
  • Configuration Management

Business Continuity and Disaster Recovery

  • Business Continuity Policy, Plan and Organisation
  • Establishment of Business Continuity Function
  • Business Impact Assessment and Risk Management
  • Preventive and environmental controls
  • Testing
  • Security
  • Back-up and data recovery for outsourced services

Information Security

  • Risk Assessment
  • Security Policy
  • Physical and Environmental Security
  • Communications & Operations Management
  • Asset Management
  • Access Control
  • Human Resources IT Security
  • IT Security Incident Management
  • Compliance


  • Outsourcing Policy
  • Solicitation
  • Vendor / contract Management
  • Service Level Agreement (SLA)
  • Benefit Realisation
  • Security

Application Control

  • Input Controls
  • Processing Controls
  • Output Controls
  • Application security controls

Summary of Domains

  • IT Governance
  • Development & Acquisition
  • IT Operations
  • Business Continuity and Disaster Recovery
  • Information Security
  • Outsourcing
  • Application Control

Style Switcher

Predifined Colors

Layout Mode