IT governance and advisory

In 21st century business success is closely related to information technology and ability to manage the IT associated risks and uses it to drive their stakeholder value. 

Our BRS team can help you evaluate your IT (Information Technology) governance, analyze IT applications and infrastructure, strengthen security and assess the business risks and controls related to the use of IT. IT is often one of the most important vulnerable assets a business has, which is why it is critical to ensure that you maximize your technology investment and use IT effectively to help you drive your business strategy.

Grant Thornton has a proven, internationally-used methodology for IT audit, IT advisory and risk-oriented engagements, which involves review and assessment, design and implementation, recommendations and action plans for ongoing re-evaluation and continuous improvement. This allows us to provide a consistent, standardized, best practice IT assurance service, whilst retaining the flexibility to adapt to your specific circumstances and requirements.

Our IT assurance approach based on a risk-based methodology. Our detailed work programmes are based on COBIT and the related IIA’s Global Technology Audit Guides, and include tested and proven good practice in IT assurance, so that control improvement opportunities can be identified. We can tailor our IT assurance programmes to suit the scope of a clients’ engagement. Typically an IT internal audit or IT risk management engagement will include some or all of the following: user access, system interfaces, data protection and integrity, change management, information security and business continuity planning.

Grant Thornton offers clients an extensive suite of IT Governance and advisory services in the following areas:

  • Assurance of IT-systems and processes
  • Audit of IT general and application controls
  • Audit of special payment and billing systems
  • Software Selection
  • IT Risk management
  • IT Strategy
  • IT due diligence
  • Technology Advisory
  • Cybersecurity audits and advisory
  • Penetration testing and vulnerability scanning solutions
  • IT Governance Audit
  • Audit of Data Center

Grant Thornton IT Governance and advisory services are designed to provide:
assurance to the Board, Audit Committee and other interested parties that IT risks are being effectively mitigated

  • greater awareness of IT risks within the organization
  • a clearer view of the performance of IT controls, to enable you to monitor their effectiveness
  • the information needed to determine return on investment in IT security and control
  • compliance with relevant legislation and regulatory frameworks, such PCI DSS, ISO 27001, NIST, SWIFT, ISO 9001 and etc.
  • the ability to satisfy management, customers and external auditors that information security and systems are appropriately managed and controlled