System Implementation Assurance
We help our clients to ensure that IT system implementations meet your business objectives. These services may result from major organisational changes or implementation of new technologies. We provide assurance on your customized system development projects and/or applications requiring the utmost assurance of data quality and integrity.
Our work is typically split into two phases:
Pre-implementation phase
This stage will help ensure that potential implementation "pitfalls" are avoided and that security is maximised from the outset. We typically review the implementation plan and recommend how to incorporate the necessary controls during implementation. We ensure that:
- The user group together with the development and implementation teams are fully conversant with security requirements for all sensitive applications
- Security controls are embedded into the software during the development phase
- Security profiles for the user group and implementation teams are set up to reflect organisational structure
- The implementation, maintenance and continuity contract with hardware and software vendors includes provision for the necessary level of support
Post-implementation phase
Post-implementation stage is important to assess and conclude that the project was implemented properly. We determine whether input, output and interface controls are protected, comprehensive and effective to ensure that data integrity can be maintained throughout the relevant transaction cycles. We ensure that:
- Application-level logical access controls support segregation of duties and access to sensitive functions and that access to confidential and/or important business data is appropriately secured
- Roles and responsibilities for transaction input and authorisation/update are segregated
- Clear screen and clean desk policies are enforced
- Restricted database access allows only authorised changes
- Adequate change control procedures for developers (no "back doors")
- Reports, including exception reports, are required and are reviewed on a timely basis
- Input, processing and output stages are appropriately controlled
What are the benefits for the company?
We ensure that the implementation of the IT project will include functionality and security requirements that are vital to the success and integrity of your new system. By working with us, you will be able to:
- Design controls into your application at the outset, thereby minimising any rework costs following implementation and project completion
- Eliminate or reduce critical risks through focused pre-implementation testing
- Gain greater confidence in controlling the introduction of new technologies
What can Deloitte CIS offer?
As part of our implementation project assurance offering, we review the project completion at critical life cycle milestones and assess whether you’re new application is ready for final data conversion and “going live”. During implementation we focus on such essential issues as:
- Incorporation of user requirements in the application specification
- Correlation with corporate objectives
- Availability of signed “user acceptance” tests forms
- Vendor provision of user and system manuals
- Level of end-user training by vendor/in house development
- Change control process and documentation
- Adequacy of IT support available or arrangements with third party consultants
- Back ups and other disaster recovery/business continuity issues
Our services include:
- System pre-implementation reviews
- System post-implementation reviews
- Data conversion tests
Contacts
Manuel Hutama
Head of Consulting & ERS
Tel.: +7 (727) 258 13 40
Please see About Deloitte for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms.
German desk