Information and Communication Technology (ICT) Audit

Information and Communication Technology (ICT) Audit

 

ICT Audit and Assurance:  

  • General control reviews (GCR)  
  • Application control reviews (ACR)  
  • Project Management review  
  • ICT security reviews, etc.  

ICT governance reviews  

ICT Governance is a fundamental constituent of Corporate Governance that focuses on the effective management of ICT Risk and optimal utilisation of ICT resources and is the responsibilities of executives and the board of directors, and consists of the leadership, organisational structures and processes. Our approach therefore ensures we take into account all key principles, including King IV.  

Cyber Security Assessments:  

  • Technical firewall, antivirus and patch management assessments  
  • Configuration, compliance and vulnerability assessments on operating systems, databases, websites, web-applications, etc.  
  • Internal and external vulnerability assessments  
  • Penetration testing (Black-box, grey-box or white-box) 
  • Cyber forensic services  

Continuous Auditing- Utilisation of Automated Tools  

Organisations are employing Continuous Auditing (CA) and Monitoring (CM) techniques to better manage risk while optimising resources, improve performance and create value. Technology plays a key role in Continuous Audit activities by helping to automate the identification of exceptions/ anomalies/ possible fraudulent activities, analyse patterns, review trends, and test controls, among other activities.  

Integrated Data Analytics  

Allows Internal Audit to continuously assess in an efficient and sustainable manner, the level at which risks are being managed.  

Automated Analytics  

Refined and integrated audit planning, efficient execution and 100% population testing.  

Continuous Auditing 

Development and implementation of customised continuous auditing model for critical business areas.  

Continuous Monitoring  

Upon our exit, our clients empowered with the necessary tools to independently manage the continuous monitoring process.  

Project Management and Assurance 

  • Project pre, post and implementation reviews  
  • Data migration/ conversion reviews  
  • Project tender evaluations 
  • Project governance assessments that focuses on ensuring that appropriate controls were applied throughout the life-cycle of the project