In most companies nowadays business processes are supported by the underlying IT environment and the applications used. To take advantage of all the benefits of the digital transformation in an efficient manner, a business often has to deal with difficult challenges, including compliance with regulatory requirements that are subject to constant change as well as new forms of cyber attacks (ransomware, DDoS attacks and phishing).

Core Services

At Grant Thornton Switzerland/Liechtenstein, we offer a range of services to help you achieve compliance and safeguard the resilience of your IT environment:

This service includes compliance with international standards in the creation of test reports that certify the quality of your processes for your customers.

  • ISAE 3402 control reports for financial statement relevant processes
  • ISAE 3000 control reports for all types of outsourced process
  • SOC 1 and 2 attestation services according to US standards
  • Support in the definition or assessment of contracts with external service providers or service recipients
  • Definition or assessment of processes for monitoring external service providers

We offer IT audit services as part of accounting audits and regulatory reporting in the industrial and financial sectors. We also provide competent support for IT audits performed by your internal audit department.

  • IT audits in the financial services and industry sector as part of the financial accounting audit
  • Regulatory IT audits as part of regulatory reporting
  • IT architecture assessments
  • Description and assessment of automated processes and controls
  • Special audits in the IT environment (such as IT security)
  • Business continuity management and disaster recovery
  • Assessment and testing of services based on blockchain technology

We provide auditing and consulting services in the IT security environment.

  • Cyber compliance ISMS as per ISO27001, BSI basic protection or B3S (KRITIS)
  • Cybersecurity and IT security audits
  • Cyber incident response
  • Cybersecurity and robustness (such as cyber incidence response and penetration testing)
  • Vulnerability assessment and penetration testing
  • Cyber awareness training
  • SWIFT CSP assessments
  • IT risk assessment and controls
  • IT business continuity (BCM) and disaster recovery plan (DRP) – from strategy and business impact analysis (BIA) through to planning and implementation of emergency scenarios

We would be happy to use our knowledge from our wide array of auditing activities to advise you on various IT topics.

  • Evaluation and benchmarking of your data analytics approach
  • Overview of available technologies and support in their selection
  • Development of specific data analytics for areas such as internal audit (SQL, ACL, IDEA)
  • Data visualisation (Power BI, Tableau, Spotfire, Qlik Sense)
  • Evaluation of your IT operating models and IT organisation
  • IT assessments for reviewing and analysing the efficiency and effectiveness of your IT organisation
  • Project monitoring and support for transformation projects
  • Evaluation of any given data sets and data migrations

Additional services

We offer additional services in cooperation with our partners from the Grant Thornton International network.

The new Federal Act on Data Protection (nFADP) and the corresponding ordinance will come into force in Switzerland on 1 September 2023. All companies that process personal data which affects natural persons in Switzerland fall within the scope of the law and are equally affected.

The specialists of the Advisory IT & Digitalisation Team of Grant Thornton Switzerland/Liechtenstein can support you efficiently and straightforwardly due to their expertise in technical and legal issues in order to implement the new legal requirements in a timely manner. 

 

 

In almost every company today, business processes are based on the underlying IT infrastructure and the applications used. Experience shows that this also affects the individual offices of cantonal authorities and the associated audit activities of the supervisory bodies. Grant Thornton supports cantonal financial auditors and supervisory bodies in auditing complex IT infrastructures and IT processes, thereby creating increased transparency and audit certainty in an interwoven constellation between offices and auditors with various interdependencies.

 

 

Digitalisation has changed a lot in the field of product design during the last few years - new types of processes and procedures are being introduced that enable companies to increase efficiency and save costs. Grant Thornton helps you design efficient and functional digital products, services and innovations in eCommerce and self-care areas that add value to your business. By applying a human-centred design process and design thinking standards, we can unlock your business’s potential and help it achieve higher revenues.  

 

 

A well-designed digital workplace and value-added intranet saves time and money and increases employee satisfaction. Companies have become even more digitised since Corona and today we find a new hybrid working model in many industries, where technology is of paramount importance to ensure efficient interaction and the integration of new employees.

Grant Thornton helps organisations optimise hybrid working by designing processes and systems for the digital workplace that provide ideal support for their employees.

 

Advisory IT & Digitalisation - Brochure

Advisory IT & Digitalisation - Brochure

Download PDF [726 kb]

More information

View more
Audit of a cloud-based IT environment
Advisory IT & Digitalisation Audit of a cloud-based IT environment
Advancing digitalisation has led to companies increasingly moving applications to the cloud, which entails risks. Auditing a cloud-based IT environment is a specialised task that requires technical knowledge and experience.
Christopher Oehri
Christopher Oehri
| Less than a minute | 04 Mar 2024
New FINMA circular “Operational risks and resilience”
Regulatory & Compliance New FINMA circular “Operational risks and resilience”
FINMA Circular 2023/1 “Operational risks and resilience – banks” comes into force on 1 January 2024. When the revised FINMA Circular comes into force, significant adjustments will be made in the areas of information and communication technology (ICT) risk management and critical data risk management. New requirements for ensuring operational resilience must also be observed. What are the most important aspects of the circular and what significance does it have for FinIA institutions?
Dr. Fabian Schmid
Christopher Oehri
Nina Helbling
| 4 min read | 01 Dec 2023
Digital Workplace
Advisory IT & Digitalisation Digital Workplace
A well-designed digital workplace and value-added intranet save time and money and increase employee satisfaction. Companies have become even more digitalised since Corona and today we find a new hybrid working model in many industries, where technology is of paramount importance to ensure efficient interaction and the integration of new employees.
Christopher Oehri
Christopher Oehri
| 3 min read | 02 May 2023
    View more

    Contact

    Christopher Oehri
    Christopher Oehri
    Partner – Advisory IT & Digitalisation
    Schaan, Zurich
    View full profile