Advisory IT & Digitalisation Generating security with IT.

This service includes compliance with international standards in the creation of test reports that certify the quality of your processes for your customers.

• ISAE 3402 control reports for financial statement relevant processes • ISAE 3000 control reports for all types of outsourced process
• SOC 1 and 2 attestation services according to US standards
• Support in the definition or assessment of contracts with external service providers or service recipients
• Definition or assessment of processes for monitoring external service providers

We offer IT audit services as part of accounting audits and regulatory reporting in the industrial and financial sectors. We also provide competent support for IT audits performed by your internal audit department.

• IT audits in the financial services and industry sector as part of the financial accounting audit
• Regulatory IT audits as part of regulatory reporting
• IT architecture assessments
• Description and assessment of automated processes and controls
• Special audits in the IT environment (such as IT security)
• Business continuity management and disaster recovery
• Assessment and testing of services based on blockchain technology

We provide auditing and consulting services in the IT security environment.

• Cyber compliance ISMS as per ISO27001, BSI basic protection or B3S (KRITIS)
• Cybersecurity and IT security audits
• Cyber incident response
• Cybersecurity and robustness (such as cyber incidence response and penetration testing)
• Vulnerability assessment and penetration testing
• Cyber awareness training
• SWIFT CSP assessments
• IT risk assessment and controls
• IT business continuity (BCM) and disaster recovery plan (DRP) – from strategy and business impact analysis (BIA) through to planning and implementation of emergency scenarios

We would be happy to use our knowledge from our wide array of auditing activities to advise you on various IT topics.

• Evaluation and benchmarking of your data analytics approach
• Overview of available technologies and support in their selection
• Development of specific data analytics for areas such as internal audit (SQL, ACL, IDEA)
• Data visualisation (Power BI, Tableau, Spotfire, Qlik Sense)
• Evaluation of your IT operating models and IT organisation
• IT assessments for reviewing and analysing the efficiency and effectiveness of your IT organisation
• Project monitoring and support for transformation projects
• Evaluation of any given data sets and data migrations